From 8c6d115888ff69cd914c98f3c57c4be6746f156e Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Tue, 19 Nov 2024 20:25:58 +0000 Subject: [PATCH] Update to rails 8.0.1 --- Gemfile | 6 +- Gemfile.lock | 136 +++++++++--------- bin/dev | 2 + bin/setup | 13 +- bin/thrust | 5 + config/environments/development.rb | 33 ++--- config/environments/production.rb | 87 +++++------ config/environments/test.rb | 30 ++-- config/initializers/canonical_rails.rb | 32 ++--- .../initializers/content_security_policy.rb | 4 +- .../new_framework_defaults_8_0.rb | 30 ++++ config/puma.rb | 14 +- 12 files changed, 199 insertions(+), 193 deletions(-) create mode 100755 bin/dev create mode 100755 bin/thrust create mode 100644 config/initializers/new_framework_defaults_8_0.rb diff --git a/Gemfile b/Gemfile index 277346b838..0416884217 100644 --- a/Gemfile +++ b/Gemfile @@ -1,7 +1,7 @@ source "https://rubygems.org" # Require rails -gem "rails", "~> 7.2.0" +gem "rails", "~> 8.0.0" gem "turbo-rails" # Require json for multi_json @@ -61,7 +61,7 @@ gem "http_accept_language", "~> 2.1.1" gem "i18n-js", "~> 3.9.2" gem "openstreetmap-deadlock_retry", ">= 1.3.1", :require => "deadlock_retry" gem "rack-cors" -gem "rails-i18n", "~> 7.0.0" +gem "rails-i18n", "~> 8.0.0" gem "rails_param" gem "rinku", ">= 2.0.6", :require => "rails_rinku" gem "strong_migrations", "< 2.0.0" @@ -118,7 +118,7 @@ gem "dalli" gem "kgio" # Load canonical-rails to generate canonical URLs -gem "canonical-rails" +gem "canonical-rails", :github => "jumph4x/canonical-rails", :ref => "pull/94/head" # Used to generate logstash friendly log files gem "logstasher" diff --git a/Gemfile.lock b/Gemfile.lock index ab8d9f9d14..4e52049a03 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,34 +1,41 @@ +GIT + remote: https://github.com/jumph4x/canonical-rails.git + revision: 09b093de055fb4bbf2f33525a01896377a4b1adf + ref: pull/94/head + specs: + canonical-rails (0.2.16) + actionview (>= 4.1, < 8.1) + GEM remote: https://rubygems.org/ specs: aasm (5.5.0) concurrent-ruby (~> 1.0) - actioncable (7.2.2.1) - actionpack (= 7.2.2.1) - activesupport (= 7.2.2.1) + actioncable (8.0.1) + actionpack (= 8.0.1) + activesupport (= 8.0.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) zeitwerk (~> 2.6) - actionmailbox (7.2.2.1) - actionpack (= 7.2.2.1) - activejob (= 7.2.2.1) - activerecord (= 7.2.2.1) - activestorage (= 7.2.2.1) - activesupport (= 7.2.2.1) + actionmailbox (8.0.1) + actionpack (= 8.0.1) + activejob (= 8.0.1) + activerecord (= 8.0.1) + activestorage (= 8.0.1) + activesupport (= 8.0.1) mail (>= 2.8.0) - actionmailer (7.2.2.1) - actionpack (= 7.2.2.1) - actionview (= 7.2.2.1) - activejob (= 7.2.2.1) - activesupport (= 7.2.2.1) + actionmailer (8.0.1) + actionpack (= 8.0.1) + actionview (= 8.0.1) + activejob (= 8.0.1) + activesupport (= 8.0.1) mail (>= 2.8.0) rails-dom-testing (~> 2.2) - actionpack (7.2.2.1) - actionview (= 7.2.2.1) - activesupport (= 7.2.2.1) + actionpack (8.0.1) + actionview (= 8.0.1) + activesupport (= 8.0.1) nokogiri (>= 1.8.5) - racc - rack (>= 2.2.4, < 3.2) + rack (>= 2.2.4) rack-session (>= 1.0.1) rack-test (>= 0.6.3) rails-dom-testing (~> 2.2) @@ -36,39 +43,39 @@ GEM useragent (~> 0.16) actionpack-page_caching (1.2.4) actionpack (>= 4.0.0) - actiontext (7.2.2.1) - actionpack (= 7.2.2.1) - activerecord (= 7.2.2.1) - activestorage (= 7.2.2.1) - activesupport (= 7.2.2.1) + actiontext (8.0.1) + actionpack (= 8.0.1) + activerecord (= 8.0.1) + activestorage (= 8.0.1) + activesupport (= 8.0.1) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.2.2.1) - activesupport (= 7.2.2.1) + actionview (8.0.1) + activesupport (= 8.0.1) builder (~> 3.1) erubi (~> 1.11) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) active_record_union (1.3.0) activerecord (>= 4.0) - activejob (7.2.2.1) - activesupport (= 7.2.2.1) + activejob (8.0.1) + activesupport (= 8.0.1) globalid (>= 0.3.6) - activemodel (7.2.2.1) - activesupport (= 7.2.2.1) - activerecord (7.2.2.1) - activemodel (= 7.2.2.1) - activesupport (= 7.2.2.1) + activemodel (8.0.1) + activesupport (= 8.0.1) + activerecord (8.0.1) + activemodel (= 8.0.1) + activesupport (= 8.0.1) timeout (>= 0.4.0) activerecord-import (2.0.0) activerecord (>= 4.2) - activestorage (7.2.2.1) - actionpack (= 7.2.2.1) - activejob (= 7.2.2.1) - activerecord (= 7.2.2.1) - activesupport (= 7.2.2.1) + activestorage (8.0.1) + actionpack (= 8.0.1) + activejob (= 8.0.1) + activerecord (= 8.0.1) + activesupport (= 8.0.1) marcel (~> 1.0) - activesupport (7.2.2.1) + activesupport (8.0.1) base64 benchmark (>= 0.3) bigdecimal @@ -80,11 +87,12 @@ GEM minitest (>= 5.1) securerandom (>= 0.3) tzinfo (~> 2.0, >= 2.0.5) + uri (>= 0.13.1) addressable (2.8.7) public_suffix (>= 2.0.2, < 7.0) - annotate (3.2.0) - activerecord (>= 3.2, < 8.0) - rake (>= 10.4, < 14.0) + annotate (2.6.5) + activerecord (>= 2.3.0) + rake (>= 0.8.7) argon2 (2.3.0) ffi (~> 1.15) ffi-compiler (~> 1.0) @@ -139,8 +147,6 @@ GEM bzip2-ffi (1.1.1) ffi (~> 1.0) cancancan (3.6.1) - canonical-rails (0.2.16) - actionview (>= 4.1, < 7.3) capybara (3.40.0) addressable matrix @@ -487,20 +493,20 @@ GEM rackup (1.0.1) rack (< 3) webrick - rails (7.2.2.1) - actioncable (= 7.2.2.1) - actionmailbox (= 7.2.2.1) - actionmailer (= 7.2.2.1) - actionpack (= 7.2.2.1) - actiontext (= 7.2.2.1) - actionview (= 7.2.2.1) - activejob (= 7.2.2.1) - activemodel (= 7.2.2.1) - activerecord (= 7.2.2.1) - activestorage (= 7.2.2.1) - activesupport (= 7.2.2.1) + rails (8.0.1) + actioncable (= 8.0.1) + actionmailbox (= 8.0.1) + actionmailer (= 8.0.1) + actionpack (= 8.0.1) + actiontext (= 8.0.1) + actionview (= 8.0.1) + activejob (= 8.0.1) + activemodel (= 8.0.1) + activerecord (= 8.0.1) + activestorage (= 8.0.1) + activesupport (= 8.0.1) bundler (>= 1.15.0) - railties (= 7.2.2.1) + railties (= 8.0.1) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) @@ -512,15 +518,15 @@ GEM rails-html-sanitizer (1.6.2) loofah (~> 2.21) nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0) - rails-i18n (7.0.10) + rails-i18n (8.0.1) i18n (>= 0.7, < 2) - railties (>= 6.0.0, < 8) + railties (>= 8.0.0, < 9) rails_param (1.3.1) actionpack (>= 3.2.0) activesupport (>= 3.2.0) - railties (7.2.2.1) - actionpack (= 7.2.2.1) - activesupport (= 7.2.2.1) + railties (8.0.1) + actionpack (= 8.0.1) + activesupport (= 8.0.1) irb (~> 1.13) rackup (>= 1.0.0) rake (>= 12.2) @@ -680,7 +686,7 @@ DEPENDENCIES browser (< 6) bzip2-ffi cancancan - canonical-rails + canonical-rails! capybara (>= 2.15) config connection_pool @@ -738,9 +744,9 @@ DEPENDENCIES quad_tile (~> 1.0.1) rack-cors rack-uri_sanitizer - rails (~> 7.2.0) + rails (~> 8.0.0) rails-controller-testing - rails-i18n (~> 7.0.0) + rails-i18n (~> 8.0.0) rails_param rinku (>= 2.0.6) rotp diff --git a/bin/dev b/bin/dev new file mode 100755 index 0000000000..5f91c20545 --- /dev/null +++ b/bin/dev @@ -0,0 +1,2 @@ +#!/usr/bin/env ruby +exec "./bin/rails", "server", *ARGV diff --git a/bin/setup b/bin/setup index ff6a475323..674f0c5375 100755 --- a/bin/setup +++ b/bin/setup @@ -2,7 +2,6 @@ require "fileutils" APP_ROOT = File.expand_path("..", __dir__) -APP_NAME = "openstreetmap".freeze def system!(*args) system(*args, :exception => true) @@ -14,7 +13,6 @@ FileUtils.chdir APP_ROOT do # Add necessary setup steps to this file. puts "== Installing dependencies ==" - system! "gem install bundler --conservative" system("bundle check") || system!("bundle install") # puts "\n== Copying sample files ==" @@ -28,10 +26,9 @@ FileUtils.chdir APP_ROOT do puts "\n== Removing old logs and tempfiles ==" system! "bin/rails log:clear tmp:clear" - puts "\n== Restarting application server ==" - system! "bin/rails restart" - - # puts "\n== Configuring puma-dev ==" - # system "ln -nfs #{APP_ROOT} ~/.puma-dev/#{APP_NAME}" - # system "curl -Is https://#{APP_NAME}.test/up | head -n 1" + unless ARGV.include?("--skip-server") + puts "\n== Starting development server ==" + STDOUT.flush # flush the output before exec(2) so that it displays + exec "bin/dev" + end end diff --git a/bin/thrust b/bin/thrust new file mode 100755 index 0000000000..36bde2d832 --- /dev/null +++ b/bin/thrust @@ -0,0 +1,5 @@ +#!/usr/bin/env ruby +require "rubygems" +require "bundler/setup" + +load Gem.bin_path("thruster", "thrust") diff --git a/config/environments/development.rb b/config/environments/development.rb index bc4b587486..ffb0f566c1 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -3,9 +3,7 @@ Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - # In the development environment your application's code is reloaded any time - # it changes. This slows down response time but is perfect for development - # since you don't have to restart the web server when you make code changes. + # Make code changes take effect immediately without server restart. config.enable_reloading = true # Do not eager load code on boot. @@ -17,53 +15,46 @@ # Enable server timing. config.server_timing = true - # Enable/disable caching. By default caching is disabled. - # Run rails dev:cache to toggle caching. + # Enable/disable Action Controller caching. By default Action Controller caching is disabled. + # Run rails dev:cache to toggle Action Controller caching. if Rails.root.join("tmp/caching-dev.txt").exist? config.action_controller.perform_caching = true config.action_controller.enable_fragment_cache_logging = true - - config.cache_store = :memory_store - config.public_file_server.headers = { "Cache-Control" => "public, max-age=#{2.days.to_i}" } + config.public_file_server.headers = { "cache-control" => "public, max-age=#{2.days.to_i}" } else config.action_controller.perform_caching = false - - config.cache_store = :null_store end + # Change to :null_store to avoid any caching. + config.cache_store = :memory_store + # Store uploaded files on the local file system (see config/storage.yml for options). config.active_storage.service = :local # Don't care if the mailer can't send. config.action_mailer.raise_delivery_errors = false - # Disable caching for Action Mailer templates even if Action Controller - # caching is enabled. + # Make template changes take effect immediately. config.action_mailer.perform_caching = false + # Set localhost to be used by links generated in mailer templates. config.action_mailer.default_url_options = { :host => "localhost", :port => 3000 } # Print deprecation notices to the Rails logger. config.active_support.deprecation = :log - # Raise exceptions for disallowed deprecations. - config.active_support.disallowed_deprecation = :raise - - # Tell Active Support which deprecation messages to disallow. - config.active_support.disallowed_deprecation_warnings = [] - # Raise an error on page load if there are pending migrations. config.active_record.migration_error = :page_load unless Settings.status == "database_offline" # Highlight code that triggered database queries in logs. config.active_record.verbose_query_logs = true unless Settings.status == "database_offline" + # Append comments with runtime information tags to SQL queries in logs. + config.active_record.query_log_tags_enabled = true + # Highlight code that enqueued background job in logs. config.active_job.verbose_enqueue_logs = true - # Suppress logger output for asset requests. - config.assets.quiet = true - # Export translations automatically. config.middleware.use I18n::JS::Middleware diff --git a/config/environments/production.rb b/config/environments/production.rb index 9a7e072b4e..088412086c 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -6,83 +6,51 @@ # Code is not reloaded between requests. config.enable_reloading = false - # Eager load code on boot. This eager loads most of Rails and - # your application in memory, allowing both threaded web servers - # and those relying on copy on write to perform better. - # Rake tasks automatically ignore this option for performance. + # Eager load code on boot for better performance and memory savings (ignored by Rake tasks). config.eager_load = true - # Full error reports are disabled and caching is turned on. + # Full error reports are disabled. config.consider_all_requests_local = false - config.action_controller.perform_caching = true - - # Ensures that a master key has been made available in ENV["RAILS_MASTER_KEY"], config/master.key, or an environment - # key such as config/credentials/production.key. This key is used to decrypt credentials (and other encrypted files). - # config.require_master_key = true - - # Disable serving static files from `public/`, relying on NGINX/Apache to do so instead. - # config.public_file_server.enabled = false - # Compress JavaScripts using a preprocessor. - config.assets.js_compressor = Terser.new - - # Compress CSS using a preprocessor. - # config.assets.css_compressor = :sass + # Turn on fragment caching in view templates. + config.action_controller.perform_caching = true - # Do not fall back to assets pipeline if a precompiled asset is missed. - config.assets.compile = false + # Cache assets for far-future expiry since they are all digest stamped. + config.public_file_server.headers = { "cache-control" => "public, max-age=#{1.year.to_i}" } # Enable serving of images, stylesheets, and JavaScripts from an asset server. # config.asset_host = "http://assets.example.com" - # Specifies the header that your server uses for sending files. - # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache - # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX - # Store uploaded files on the local file system (see config/storage.yml for options). config.active_storage.service = :local - # Mount Action Cable outside main process or domain. - # config.action_cable.mount_path = nil - # config.action_cable.url = "wss://example.com/cable" - # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ] - # Assume all access to the app is happening through a SSL-terminating reverse proxy. - # Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies. - # config.assume_ssl = true + config.assume_ssl = true # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. - # config.force_ssl = true + config.force_ssl = true # Skip http-to-https redirect for the default health check endpoint. # config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } } - # Log to STDOUT by default - # config.logger = ActiveSupport::Logger.new(STDOUT) - # .tap { |logger| logger.formatter = ::Logger::Formatter.new } - # .then { |logger| ActiveSupport::TaggedLogging.new(logger) } - - # Prepend all log lines with the following tags. + # Log to STDOUT with the current request id as a default log tag. config.log_tags = [:request_id] + config.logger = ActiveSupport::TaggedLogging.logger($stdout) - # "info" includes generic and useful information about system operation, but avoids logging too much - # information to avoid inadvertent exposure of personally identifiable information (PII). If you - # want to log everything, set the level to "debug". + # Change to "debug" to log everything (including potentially personally-identifiable information!) config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info") - # Use a different log path in production. - config.paths["log"] = Settings.log_path if Settings.key?(:log_path) + # Prevent health checks from clogging up the logs. + config.silence_healthcheck_path = "/up" + + # Don't log any deprecations. + config.active_support.report_deprecations = false - # Use a different cache store in production. + # Replace the default in-process memory cache store with a durable alternative. # config.cache_store = :mem_cache_store - # Use a real queuing backend for Active Job (and separate queues per environment). + # Replace the default in-process and non-durable queuing backend for Active Job. # config.active_job.queue_adapter = :resque - # config.active_job.queue_name_prefix = "openstreetmap_production" - - # Disable caching for Action Mailer templates even if Action Controller - # caching is enabled. - config.action_mailer.perform_caching = false # Configure caching of static assets config.action_controller.page_cache_directory = Rails.public_path @@ -91,21 +59,34 @@ # Set this to true and configure the email server for immediate delivery to raise delivery errors. # config.action_mailer.raise_delivery_errors = false + # Set host to be used by links generated in mailer templates. + config.action_mailer.default_url_options = { :host => "example.com" } + + # Specify outgoing SMTP server. Remember to add smtp/* credentials via rails credentials:edit. + # config.action_mailer.smtp_settings = { + # user_name: Rails.application.credentials.dig(:smtp, :user_name), + # password: Rails.application.credentials.dig(:smtp, :password), + # address: "smtp.example.com", + # port: 587, + # authentication: :plain + # } + # Enable locale fallbacks for I18n (makes lookups for any locale fall back to # the I18n.default_locale when a translation cannot be found). config.i18n.fallbacks = true - # Don't log any deprecations. - config.active_support.report_deprecations = false - # Do not dump schema after migrations. config.active_record.dump_schema_after_migration = false unless Settings.status == "database_offline" + # Only use :id for inspections in production. + config.active_record.attributes_for_inspect = [:id] + # Enable DNS rebinding protection and other `Host` header attacks. # config.hosts = [ # "example.com", # Allow requests from example.com # /.*\.example\.com/ # Allow requests from subdomains like `www.example.com` # ] + # # Skip DNS rebinding protection for the default health check endpoint. # config.host_authorization = { exclude: ->(request) { request.path == "/up" } } diff --git a/config/environments/test.rb b/config/environments/test.rb index 7ac52c5e4d..5490cf0d9e 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -1,5 +1,3 @@ -require "active_support/core_ext/integer/time" - # The test environment is used exclusively to run your application's # test suite. You never need to work with it otherwise. Remember that # your test database is "scratch space" for the test suite and is wiped @@ -17,12 +15,11 @@ # loading is working properly before deploying your code. config.eager_load = ENV["CI"].present? - # Configure public file server for tests with Cache-Control for performance. - config.public_file_server.headers = { "Cache-Control" => "public, max-age=#{1.hour.to_i}" } + # Configure public file server for tests with cache-control for performance. + config.public_file_server.headers = { "cache-control" => "public, max-age=3600" } - # Show full error reports and disable caching. + # Show full error reports. config.consider_all_requests_local = true - config.action_controller.perform_caching = false config.cache_store = :null_store # Render exception templates for rescuable exceptions and raise for other exceptions. @@ -37,31 +34,17 @@ # Disable logging in tests, for speed increases. Set to :info to bring back logging config.log_level = :warn - # Disable caching for Action Mailer templates even if Action Controller - # caching is enabled. - config.action_mailer.perform_caching = false - # Tell Action Mailer not to deliver emails to the real world. # The :test delivery method accumulates sent emails in the # ActionMailer::Base.deliveries array. config.action_mailer.delivery_method = :test - # Unlike controllers, the mailer instance doesn't have any context about the - # incoming request so you'll need to provide the :host parameter yourself. + # Set host to be used by links generated in mailer templates. config.action_mailer.default_url_options = { :host => Settings.server_url } # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr - # Raise exceptions for disallowed deprecations. - config.active_support.disallowed_deprecation = :raise - - # Tell Active Support which deprecation messages to disallow. - config.active_support.disallowed_deprecation_warnings = [] - - # Export translations automatically. - config.middleware.use I18n::JS::Middleware - # Raises error for missing translations. config.i18n.raise_on_missing_translations = true @@ -74,6 +57,9 @@ # Use the test adapter for ActiveJob during testing. config.active_job.queue_adapter = :test - # Allow FactoryBot to set primary key attributes + # Allow FactoryBot to set primary key attributes. config.factory_bot.reject_primary_key_attributes = false + + # Disable page caching. + config.action_controller.perform_caching = false end diff --git a/config/initializers/canonical_rails.rb b/config/initializers/canonical_rails.rb index c2c8440476..3731a90ea4 100644 --- a/config/initializers/canonical_rails.rb +++ b/config/initializers/canonical_rails.rb @@ -1,23 +1,23 @@ -CanonicalRails.setup do |config| - # Force the protocol. If you do not specify, the protocol will be based on the incoming request's protocol. +# CanonicalRails.setup do |config| +# # Force the protocol. If you do not specify, the protocol will be based on the incoming request's protocol. - config.protocol = "#{Settings.server_protocol}://" +# config.protocol = "#{Settings.server_protocol}://" - # This is the main host, not just the TLD, omit slashes and protocol. If you have more than one, pick the one you want to rank in search results. +# # This is the main host, not just the TLD, omit slashes and protocol. If you have more than one, pick the one you want to rank in search results. - config.host = Settings.server_url - config.port = Settings.server_protocol == "https" ? 443 : 80 +# config.host = Settings.server_url +# config.port = Settings.server_protocol == "https" ? 443 : 80 - # http://en.wikipedia.org/wiki/URL_normalization - # Trailing slash represents semantics of a directory, ie a collection view - implying an :index get route; - # otherwise we have to assume semantics of an instance of a resource type, a member view - implying a :show get route - # - # Acts as a whitelist for routes to have trailing slashes +# # http://en.wikipedia.org/wiki/URL_normalization +# # Trailing slash represents semantics of a directory, ie a collection view - implying an :index get route; +# # otherwise we have to assume semantics of an instance of a resource type, a member view - implying a :show get route +# # +# # Acts as a whitelist for routes to have trailing slashes - config.collection_actions = [:index] +# config.collection_actions = [:index] - # Parameter spamming can cause index dilution by creating seemingly different URLs with identical or near-identical content. - # Unless whitelisted, these parameters will be omitted +# # Parameter spamming can cause index dilution by creating seemingly different URLs with identical or near-identical content. +# # Unless whitelisted, these parameters will be omitted - config.whitelisted_parameters = [] -end +# config.whitelisted_parameters = [] +# end diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index 9ddaf70f94..2b7260f317 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb @@ -36,9 +36,9 @@ policy.report_uri(Settings.csp_report_url) if Settings.key?(:csp_report_url) end - # Generate session nonces for permitted importmap and inline scripts + # Generate session nonces for permitted importmap, inline scripts, and inline styles. config.content_security_policy_nonce_generator = ->(_request) { SecureRandom.base64(24) } - config.content_security_policy_nonce_directives = %w[style-src] + config.content_security_policy_nonce_directives = %w[script-src style-src] # Report violations without enforcing the policy. config.content_security_policy_report_only = true unless Settings.csp_enforce diff --git a/config/initializers/new_framework_defaults_8_0.rb b/config/initializers/new_framework_defaults_8_0.rb new file mode 100644 index 0000000000..92efa95152 --- /dev/null +++ b/config/initializers/new_framework_defaults_8_0.rb @@ -0,0 +1,30 @@ +# Be sure to restart your server when you modify this file. +# +# This file eases your Rails 8.0 framework defaults upgrade. +# +# Uncomment each configuration one by one to switch to the new default. +# Once your application is ready to run with all new defaults, you can remove +# this file and set the `config.load_defaults` to `8.0`. +# +# Read the Guide for Upgrading Ruby on Rails for more info on each option. +# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html + +### +# Specifies whether `to_time` methods preserve the UTC offset of their receivers or preserves the timezone. +# If set to `:zone`, `to_time` methods will use the timezone of their receivers. +# If set to `:offset`, `to_time` methods will use the UTC offset. +# If `false`, `to_time` methods will convert to the local system UTC offset instead. +#++ +# Rails.application.config.active_support.to_time_preserves_timezone = :zone + +### +# When both `If-Modified-Since` and `If-None-Match` are provided by the client +# only consider `If-None-Match` as specified by RFC 7232 Section 6. +# If set to `false` both conditions need to be satisfied. +#++ +# Rails.application.config.action_dispatch.strict_freshness = true + +### +# Set `Regexp.timeout` to `1`s by default to improve security over Regexp Denial-of-Service attacks. +#++ +# Regexp.timeout = 1 diff --git a/config/puma.rb b/config/puma.rb index 60e1b9c67a..a248513b24 100644 --- a/config/puma.rb +++ b/config/puma.rb @@ -1,13 +1,17 @@ # This configuration file will be evaluated by Puma. The top-level methods that # are invoked here are part of Puma's configuration DSL. For more information # about methods provided by the DSL, see https://puma.io/puma/Puma/DSL.html. - +# # Puma starts a configurable number of processes (workers) and each process # serves each request in a thread from an internal thread pool. # +# You can control the number of workers using ENV["WEB_CONCURRENCY"]. You +# should only set this value when you want to run 2 or more workers. The +# default is already 1. +# # The ideal number of threads per worker depends both on how much time the # application spends waiting for IO operations and on how much you wish to -# to prioritize throughput over latency. +# prioritize throughput over latency. # # As a rule of thumb, increasing the number of threads will increase how much # traffic a given process can handle (throughput), but due to CRuby's @@ -29,5 +33,9 @@ # Allow puma to be restarted by `bin/rails restart` command. plugin :tmp_restart -# Only use a pidfile when requested +# Run the Solid Queue supervisor inside of Puma for single-server deployments +plugin :solid_queue if ENV["SOLID_QUEUE_IN_PUMA"] + +# Specify the PID file. Defaults to tmp/pids/server.pid in development. +# In other environments, only set the PID file if requested. pidfile ENV["PIDFILE"] if ENV["PIDFILE"]