From 6220e24cbd997b8f41c4b58bc97d8854c47eb8da Mon Sep 17 00:00:00 2001 From: Tim Wright Date: Fri, 10 Oct 2025 14:31:48 +1300 Subject: [PATCH 1/4] rails upgrade --- Gemfile | 4 +- Gemfile.lock | 464 +++++++++--------- bin/brakeman | 7 + bin/rubocop | 8 + bin/setup | 6 +- config/application.rb | 4 +- config/environments/development.rb | 18 +- config/environments/production.rb | 8 +- config/environments/test.rb | 13 +- config/initializers/cors.rb | 2 - .../initializers/filter_parameter_logging.rb | 4 +- config/initializers/inflections.rb | 2 - .../new_framework_defaults_7_2.rb | 70 +++ config/puma.rb | 62 +-- 14 files changed, 390 insertions(+), 282 deletions(-) create mode 100755 bin/brakeman create mode 100755 bin/rubocop create mode 100644 config/initializers/new_framework_defaults_7_2.rb diff --git a/Gemfile b/Gemfile index 68b1a269..95e32de2 100644 --- a/Gemfile +++ b/Gemfile @@ -16,12 +16,12 @@ gem 'oai' gem 'ougai' gem 'parse-cron' gem 'puma' -gem 'rails', '~> 7.1.3' +gem 'rails', '~> 7.2.2.2' gem 'responders' gem 'sidekiq', '~> 7.0' # gem 'supplejack_common', path: '~/Dev/supplejack/gems/supplejack_common' # gem 'supplejack_common', github: 'DigitalNZ/supplejack_common', branch: 'pm/upgrade' -gem 'supplejack_common', github: 'DigitalNZ/supplejack_common', tag: 'v3.0.2' +gem 'supplejack_common', github: 'DigitalNZ/supplejack_common', branch: 'tw/rails-7-2' gem 'whenever', require: false gem 'brakeman' gem 'amazing_print' diff --git a/Gemfile.lock b/Gemfile.lock index 85168d8c..ddbccd40 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,11 +1,12 @@ GIT remote: https://github.com/DigitalNZ/supplejack_common - revision: 491d088458ed67ad9c578342492cba3703b42330 - tag: v3.0.2 + revision: 34fa563e573bf7baf86c11cae3e3877274c30277 + branch: tw/rails-7-2 specs: supplejack_common (3.0.0) - actionpack (~> 7.1.4) - activesupport (~> 7.1.4) + actionpack (~> 7.2.2.2) + activemodel (~> 7.2.2.2) + activesupport (~> 7.2.2.2) aws-sdk-s3 chronic (<= 0.10.2) dimensions @@ -19,6 +20,7 @@ GIT mongoid nokogiri oai + observer redis rest-client retriable @@ -27,9 +29,9 @@ GIT GIT remote: https://github.com/boost/codeclimate_diff - revision: 32e3101935976eecd8ac59b65a205cba3c85d933 + revision: ee2cece9fb5baffb8d9a367c2ffa41e1266a3c32 specs: - codeclimate_diff (0.1.10) + codeclimate_diff (0.1.14) colorize json optparse @@ -39,167 +41,166 @@ GIT GEM remote: https://rubygems.org/ specs: - aasm (5.5.0) + aasm (5.5.1) concurrent-ruby (~> 1.0) - actioncable (7.1.5.1) - actionpack (= 7.1.5.1) - activesupport (= 7.1.5.1) + actioncable (7.2.2.2) + actionpack (= 7.2.2.2) + activesupport (= 7.2.2.2) nio4r (~> 2.0) websocket-driver (>= 0.6.1) zeitwerk (~> 2.6) - actionmailbox (7.1.5.1) - actionpack (= 7.1.5.1) - activejob (= 7.1.5.1) - activerecord (= 7.1.5.1) - activestorage (= 7.1.5.1) - activesupport (= 7.1.5.1) - mail (>= 2.7.1) - net-imap - net-pop - net-smtp - actionmailer (7.1.5.1) - actionpack (= 7.1.5.1) - actionview (= 7.1.5.1) - activejob (= 7.1.5.1) - activesupport (= 7.1.5.1) - mail (~> 2.5, >= 2.5.4) - net-imap - net-pop - net-smtp + actionmailbox (7.2.2.2) + actionpack (= 7.2.2.2) + activejob (= 7.2.2.2) + activerecord (= 7.2.2.2) + activestorage (= 7.2.2.2) + activesupport (= 7.2.2.2) + mail (>= 2.8.0) + actionmailer (7.2.2.2) + actionpack (= 7.2.2.2) + actionview (= 7.2.2.2) + activejob (= 7.2.2.2) + activesupport (= 7.2.2.2) + mail (>= 2.8.0) rails-dom-testing (~> 2.2) - actionpack (7.1.5.1) - actionview (= 7.1.5.1) - activesupport (= 7.1.5.1) + actionpack (7.2.2.2) + actionview (= 7.2.2.2) + activesupport (= 7.2.2.2) nokogiri (>= 1.8.5) racc - rack (>= 2.2.4) + rack (>= 2.2.4, < 3.2) rack-session (>= 1.0.1) rack-test (>= 0.6.3) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) - actiontext (7.1.5.1) - actionpack (= 7.1.5.1) - activerecord (= 7.1.5.1) - activestorage (= 7.1.5.1) - activesupport (= 7.1.5.1) + useragent (~> 0.16) + actiontext (7.2.2.2) + actionpack (= 7.2.2.2) + activerecord (= 7.2.2.2) + activestorage (= 7.2.2.2) + activesupport (= 7.2.2.2) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.1.5.1) - activesupport (= 7.1.5.1) + actionview (7.2.2.2) + activesupport (= 7.2.2.2) builder (~> 3.1) erubi (~> 1.11) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) - active_model_serializers (0.10.14) + active_model_serializers (0.10.15) actionpack (>= 4.1) activemodel (>= 4.1) case_transform (>= 0.2) jsonapi-renderer (>= 0.1.1.beta1, < 0.3) - activejob (7.1.5.1) - activesupport (= 7.1.5.1) + activejob (7.2.2.2) + activesupport (= 7.2.2.2) globalid (>= 0.3.6) - activemodel (7.1.5.1) - activesupport (= 7.1.5.1) - activemodel-serializers-xml (1.0.2) - activemodel (> 5.x) - activesupport (> 5.x) + activemodel (7.2.2.2) + activesupport (= 7.2.2.2) + activemodel-serializers-xml (1.0.3) + activemodel (>= 5.0.0.a) + activesupport (>= 5.0.0.a) builder (~> 3.1) - activerecord (7.1.5.1) - activemodel (= 7.1.5.1) - activesupport (= 7.1.5.1) + activerecord (7.2.2.2) + activemodel (= 7.2.2.2) + activesupport (= 7.2.2.2) timeout (>= 0.4.0) - activeresource (6.1.0) - activemodel (>= 6.0) + activeresource (6.2.0) + activemodel (>= 7.0) activemodel-serializers-xml (~> 1.0) - activesupport (>= 6.0) - activestorage (7.1.5.1) - actionpack (= 7.1.5.1) - activejob (= 7.1.5.1) - activerecord (= 7.1.5.1) - activesupport (= 7.1.5.1) + activesupport (>= 7.0) + activestorage (7.2.2.2) + actionpack (= 7.2.2.2) + activejob (= 7.2.2.2) + activerecord (= 7.2.2.2) + activesupport (= 7.2.2.2) marcel (~> 1.0) - activesupport (7.1.5.1) + activesupport (7.2.2.2) base64 benchmark (>= 0.3) bigdecimal - concurrent-ruby (~> 1.0, >= 1.0.2) + concurrent-ruby (~> 1.0, >= 1.3.1) connection_pool (>= 2.2.5) drb i18n (>= 1.6, < 2) logger (>= 1.4.2) minitest (>= 5.1) - mutex_m securerandom (>= 0.3) - tzinfo (~> 2.0) + tzinfo (~> 2.0, >= 2.0.5) addressable (2.8.7) public_suffix (>= 2.0.2, < 7.0) - amazing_print (1.6.0) - ast (2.4.2) - aws-eventstream (1.3.0) - aws-partitions (1.962.0) - aws-sdk-comprehend (1.87.0) - aws-sdk-core (~> 3, >= 3.201.0) + amazing_print (2.0.0) + ast (2.4.3) + aws-eventstream (1.4.0) + aws-partitions (1.1171.0) + aws-sdk-comprehend (1.106.0) + aws-sdk-core (~> 3, >= 3.231.0) aws-sigv4 (~> 1.5) - aws-sdk-core (3.201.3) + aws-sdk-core (3.233.0) aws-eventstream (~> 1, >= 1.3.0) - aws-partitions (~> 1, >= 1.651.0) - aws-sigv4 (~> 1.8) + aws-partitions (~> 1, >= 1.992.0) + aws-sigv4 (~> 1.9) + base64 + bigdecimal jmespath (~> 1, >= 1.6.1) - aws-sdk-kms (1.88.0) - aws-sdk-core (~> 3, >= 3.201.0) + logger + aws-sdk-kms (1.113.0) + aws-sdk-core (~> 3, >= 3.231.0) aws-sigv4 (~> 1.5) - aws-sdk-rekognition (1.102.0) - aws-sdk-core (~> 3, >= 3.201.0) + aws-sdk-rekognition (1.122.0) + aws-sdk-core (~> 3, >= 3.231.0) aws-sigv4 (~> 1.5) - aws-sdk-s3 (1.157.0) - aws-sdk-core (~> 3, >= 3.201.0) + aws-sdk-s3 (1.199.1) + aws-sdk-core (~> 3, >= 3.231.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.5) - aws-sigv4 (1.9.1) + aws-sigv4 (1.12.1) aws-eventstream (~> 1, >= 1.0.2) base64 (0.3.0) benchmark (0.4.1) - bigdecimal (3.2.2) - brakeman (6.1.2) + bigdecimal (3.3.1) + brakeman (7.1.0) racc - bson (5.0.1) + bson (5.1.1) builder (3.3.0) - byebug (11.1.3) + byebug (12.0.0) case_transform (0.2) activesupport chronic (0.10.2) coderay (1.1.3) colorize (1.1.0) concurrent-ruby (1.3.5) - connection_pool (2.5.3) + connection_pool (2.5.4) crass (1.0.6) database_cleaner-core (2.0.1) database_cleaner-mongoid (2.0.1) database_cleaner-core (~> 2.0.0) mongoid date (3.4.1) - diff-lcs (1.5.1) + diff-lcs (1.6.2) dimensions (1.3.0) domain_name (0.6.20240107) drb (2.2.3) - elastic-apm (4.7.3) + elastic-apm (4.8.0) concurrent-ruby (~> 1.0) http (>= 3.0) ruby2_keywords + erb (5.0.3) erubi (1.13.1) - factory_bot (6.4.6) - activesupport (>= 5.0.0) - factory_bot_rails (6.4.3) - factory_bot (~> 6.4) - railties (>= 5.0.0) - faraday (2.10.1) - faraday-net_http (>= 2.0, < 3.2) + factory_bot (6.5.5) + activesupport (>= 6.1.0) + factory_bot_rails (6.5.1) + factory_bot (~> 6.5) + railties (>= 6.1.0) + faraday (2.14.0) + faraday-net_http (>= 2.0, < 3.5) + json logger - faraday-follow_redirects (0.3.0) + faraday-follow_redirects (0.4.0) faraday (>= 1, < 3) - faraday-net_http (3.1.1) - net-http - faraday-retry (2.2.1) + faraday-net_http (3.4.1) + net-http (>= 0.5.0) + faraday-retry (2.3.2) faraday (~> 2.0) ffi (1.17.2-aarch64-linux-gnu) ffi (1.17.2-aarch64-linux-musl) @@ -214,29 +215,29 @@ GEM ffi-compiler (1.3.2) ffi (>= 1.15.5) rake - figaro (1.2.0) + figaro (1.3.0) thor (>= 0.14.0, < 2) - globalid (1.2.1) + globalid (1.3.0) activesupport (>= 6.1) htmlentities (4.3.4) - http (5.2.0) + http (5.3.1) addressable (~> 2.8) - base64 (~> 0.1) http-cookie (~> 1.0) http-form_data (~> 2.2) llhttp-ffi (~> 0.5.0) http-accept (1.7.0) - http-cookie (1.0.6) + http-cookie (1.1.0) domain_name (~> 0.5) http-form_data (2.3.0) i18n (1.14.7) concurrent-ruby (~> 1.0) - io-console (0.7.2) - irb (1.14.1) + io-console (0.8.1) + irb (1.15.2) + pp (>= 0.6.0) rdoc (>= 4.0.0) reline (>= 0.4.2) jmespath (1.6.2) - json (2.7.2) + json (2.15.1) jsonapi-renderer (0.2.2) jsonpath (1.1.5) multi_json @@ -255,8 +256,9 @@ GEM kaminari-mongoid (1.0.2) kaminari-core (~> 1.0) mongoid - language_server-protocol (3.17.0.3) - llhttp-ffi (0.5.0) + language_server-protocol (3.17.0.5) + lint_roller (1.1.0) + llhttp-ffi (0.5.1) ffi-compiler (~> 1.0) rake (~> 13.0) logger (1.7.0) @@ -273,86 +275,96 @@ GEM net-imap net-pop net-smtp - marcel (1.0.4) + marcel (1.1.0) method_source (1.1.0) - mime-types (3.5.2) - mime-types-data (~> 3.2015) - mime-types-data (3.2024.0806) + mime-types (3.7.0) + logger + mime-types-data (~> 3.2025, >= 3.2025.0507) + mime-types-data (3.2025.0924) mimemagic (0.4.3) nokogiri (~> 1) rake mini_mime (1.1.5) mini_portile2 (2.8.9) - minitest (5.25.5) - mongo (2.20.1) + minitest (5.26.0) + mongo (2.21.3) + base64 bson (>= 4.14.1, < 6.0.0) - mongoid (9.0.1) - activemodel (>= 5.1, < 7.2, != 7.0.0) + mongoid (9.0.8) + activemodel (>= 5.1, < 8.1, != 7.0.0) concurrent-ruby (>= 1.0.5, < 2.0) mongo (>= 2.18.0, < 3.0.0) - multi_json (1.15.0) - mutex_m (0.3.0) - net-http (0.4.1) + multi_json (1.17.0) + net-http (0.6.0) uri - net-imap (0.5.8) + net-imap (0.5.12) date net-protocol net-pop (0.1.2) net-protocol net-protocol (0.2.2) timeout - net-smtp (0.5.0) + net-smtp (0.5.1) net-protocol netrc (0.11.0) nio4r (2.7.4) - nokogiri (1.18.8) + nokogiri (1.18.10) mini_portile2 (~> 2.8.2) racc (~> 1.4) - nokogiri (1.18.8-aarch64-linux-gnu) + nokogiri (1.18.10-aarch64-linux-gnu) racc (~> 1.4) - nokogiri (1.18.8-aarch64-linux-musl) + nokogiri (1.18.10-aarch64-linux-musl) racc (~> 1.4) - nokogiri (1.18.8-arm-linux-gnu) + nokogiri (1.18.10-arm-linux-gnu) racc (~> 1.4) - nokogiri (1.18.8-arm-linux-musl) + nokogiri (1.18.10-arm-linux-musl) racc (~> 1.4) - nokogiri (1.18.8-arm64-darwin) + nokogiri (1.18.10-arm64-darwin) racc (~> 1.4) - nokogiri (1.18.8-x86_64-darwin) + nokogiri (1.18.10-x86_64-darwin) racc (~> 1.4) - nokogiri (1.18.8-x86_64-linux-gnu) + nokogiri (1.18.10-x86_64-linux-gnu) racc (~> 1.4) - nokogiri (1.18.8-x86_64-linux-musl) + nokogiri (1.18.10-x86_64-linux-musl) racc (~> 1.4) - oai (1.2.1) + oai (1.3.0) builder (>= 3.1.0) faraday (< 3) faraday-follow_redirects (>= 0.3.0, < 2) - oj (3.16.4) + rexml + observer (0.1.2) + oj (3.16.11) bigdecimal (>= 3.0) - optparse (0.5.0) + ostruct (>= 0.2) + optparse (0.6.0) + ostruct (0.6.3) ougai (2.0.0) oj (~> 3.10) - parallel (1.25.1) + parallel (1.27.0) parse-cron (0.1.4) - parser (3.3.4.0) + parser (3.3.9.0) ast (~> 2.4.1) racc - pry (0.14.2) + pp (0.6.3) + prettyprint + prettyprint (0.2.0) + prism (1.5.2) + pry (0.15.2) coderay (~> 1.1) method_source (~> 1.0) - pry-byebug (3.10.1) - byebug (~> 11.0) - pry (>= 0.13, < 0.15) + pry-byebug (3.11.0) + byebug (~> 12.0) + pry (>= 0.13, < 0.16) pry-rails (0.3.11) pry (>= 0.13.0) - psych (5.2.0) + psych (5.2.6) + date stringio - public_suffix (6.0.1) - puma (6.4.3) + public_suffix (6.0.2) + puma (7.0.4) nio4r (~> 2.0) racc (1.8.1) - rack (3.1.16) + rack (3.1.18) rack-session (2.1.1) base64 (>= 0.1.0) rack (>= 3.0.0) @@ -360,20 +372,20 @@ GEM rack (>= 1.3) rackup (2.2.1) rack (>= 3) - rails (7.1.5.1) - actioncable (= 7.1.5.1) - actionmailbox (= 7.1.5.1) - actionmailer (= 7.1.5.1) - actionpack (= 7.1.5.1) - actiontext (= 7.1.5.1) - actionview (= 7.1.5.1) - activejob (= 7.1.5.1) - activemodel (= 7.1.5.1) - activerecord (= 7.1.5.1) - activestorage (= 7.1.5.1) - activesupport (= 7.1.5.1) + rails (7.2.2.2) + actioncable (= 7.2.2.2) + actionmailbox (= 7.2.2.2) + actionmailer (= 7.2.2.2) + actionpack (= 7.2.2.2) + actiontext (= 7.2.2.2) + actionview (= 7.2.2.2) + activejob (= 7.2.2.2) + activemodel (= 7.2.2.2) + activerecord (= 7.2.2.2) + activestorage (= 7.2.2.2) + activesupport (= 7.2.2.2) bundler (>= 1.15.0) - railties (= 7.1.5.1) + railties (= 7.2.2.2) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) @@ -385,28 +397,30 @@ GEM rails-html-sanitizer (1.6.2) loofah (~> 2.21) nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0) - railties (7.1.5.1) - actionpack (= 7.1.5.1) - activesupport (= 7.1.5.1) - irb + railties (7.2.2.2) + actionpack (= 7.2.2.2) + activesupport (= 7.2.2.2) + irb (~> 1.13) rackup (>= 1.0.0) rake (>= 12.2) thor (~> 1.0, >= 1.2.2) zeitwerk (~> 2.6) rainbow (3.1.1) - rake (13.2.1) - rdoc (6.8.1) + rake (13.3.0) + rdoc (6.15.0) + erb psych (>= 4.0.0) - redis (5.2.0) + tsort + redis (5.4.1) redis-client (>= 0.22.0) - redis-client (0.22.2) + redis-client (0.26.1) connection_pool - regexp_parser (2.9.2) - reline (0.5.11) + regexp_parser (2.11.3) + reline (0.6.2) io-console (~> 0.5) request_store (1.7.0) rack (>= 1.4) - resolv (0.6.0) + resolv (0.6.2) resolv-replace (0.1.1) resolv responders (3.1.1) @@ -418,97 +432,109 @@ GEM mime-types (>= 1.16, < 4.0) netrc (~> 0.8) retriable (3.1.2) - rexml (3.3.9) - rspec-activemodel-mocks (1.2.0) + rexml (3.4.4) + rspec-activemodel-mocks (1.3.0) activemodel (>= 3.0) activesupport (>= 3.0) rspec-mocks (>= 2.99, < 4.0) - rspec-core (3.13.0) + rspec-core (3.13.5) rspec-support (~> 3.13.0) - rspec-expectations (3.13.1) + rspec-expectations (3.13.5) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) - rspec-mocks (3.13.1) + rspec-mocks (3.13.5) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) - rspec-rails (6.1.3) - actionpack (>= 6.1) - activesupport (>= 6.1) - railties (>= 6.1) + rspec-rails (8.0.2) + actionpack (>= 7.2) + activesupport (>= 7.2) + railties (>= 7.2) rspec-core (~> 3.13) rspec-expectations (~> 3.13) rspec-mocks (~> 3.13) rspec-support (~> 3.13) - rspec-sidekiq (5.0.0) + rspec-sidekiq (5.2.0) rspec-core (~> 3.0) rspec-expectations (~> 3.0) rspec-mocks (~> 3.0) - sidekiq (>= 5, < 8) - rspec-support (3.13.1) - rubocop (1.65.0) + sidekiq (>= 5, < 9) + rspec-support (3.13.6) + rubocop (1.81.1) json (~> 2.3) - language_server-protocol (>= 3.17.0) + language_server-protocol (~> 3.17.0.2) + lint_roller (~> 1.1.0) parallel (~> 1.10) parser (>= 3.3.0.2) rainbow (>= 2.2.2, < 4.0) - regexp_parser (>= 2.4, < 3.0) - rexml (>= 3.2.5, < 4.0) - rubocop-ast (>= 1.31.1, < 2.0) + regexp_parser (>= 2.9.3, < 3.0) + rubocop-ast (>= 1.47.1, < 2.0) ruby-progressbar (~> 1.7) - unicode-display_width (>= 2.4.0, < 3.0) - rubocop-ast (1.31.3) - parser (>= 3.3.1.0) - rubocop-md (1.2.2) - rubocop (>= 1.0) - rubocop-minitest (0.35.1) - rubocop (>= 1.61, < 2.0) - rubocop-ast (>= 1.31.1, < 2.0) - rubocop-packaging (0.5.2) - rubocop (>= 1.33, < 2.0) - rubocop-performance (1.21.1) - rubocop (>= 1.48.1, < 2.0) - rubocop-ast (>= 1.31.1, < 2.0) - rubocop-rails (2.25.1) + unicode-display_width (>= 2.4.0, < 4.0) + rubocop-ast (1.47.1) + parser (>= 3.3.7.2) + prism (~> 1.4) + rubocop-md (2.0.3) + lint_roller (~> 1.1) + rubocop (>= 1.72.1) + rubocop-minitest (0.38.2) + lint_roller (~> 1.1) + rubocop (>= 1.75.0, < 2.0) + rubocop-ast (>= 1.38.0, < 2.0) + rubocop-packaging (0.6.0) + lint_roller (~> 1.1.0) + rubocop (>= 1.72.1, < 2.0) + rubocop-performance (1.26.0) + lint_roller (~> 1.1) + rubocop (>= 1.75.0, < 2.0) + rubocop-ast (>= 1.44.0, < 2.0) + rubocop-rails (2.33.4) activesupport (>= 4.2.0) + lint_roller (~> 1.1) rack (>= 1.1) - rubocop (>= 1.33.0, < 2.0) - rubocop-ast (>= 1.31.1, < 2.0) - rubocop-rails_config (1.16.0) - rubocop (>= 1.57.0) - rubocop-ast (>= 1.26.0) + rubocop (>= 1.75.0, < 2.0) + rubocop-ast (>= 1.44.0, < 2.0) + rubocop-rails_config (1.17.1) + rubocop (>= 1.72.2) + rubocop-ast (>= 1.38.0) rubocop-md - rubocop-minitest (~> 0.22) - rubocop-packaging (~> 0.5) - rubocop-performance (~> 1.11) - rubocop-rails (~> 2.0) - rubocop-rspec (3.0.3) - rubocop (~> 1.61) + rubocop-minitest (~> 0.37) + rubocop-packaging (~> 0.6) + rubocop-performance (~> 1.24) + rubocop-rails (~> 2.30) + rubocop-rspec (3.7.0) + lint_roller (~> 1.1) + rubocop (~> 1.72, >= 1.72.1) ruby-progressbar (1.13.0) ruby2_keywords (0.0.5) - sanitize (6.1.2) + sanitize (7.0.0) crass (~> 1.0.2) - nokogiri (>= 1.12.0) + nokogiri (>= 1.16.8) securerandom (0.4.1) - sidekiq (7.3.0) - concurrent-ruby (< 2) + sidekiq (7.3.9) + base64 connection_pool (>= 2.3.0) logger rack (>= 2.2.4) redis-client (>= 0.22.2) - stringio (3.1.2) - thor (1.3.2) + stringio (3.1.7) + thor (1.4.0) timecop (0.9.10) timeout (0.4.3) + tsort (0.2.0) tzinfo (2.0.6) concurrent-ruby (~> 1.0) - unicode-display_width (2.5.0) - uri (1.0.3) - websocket-driver (0.7.6) + unicode-display_width (3.2.0) + unicode-emoji (~> 4.1) + unicode-emoji (4.1.0) + uri (1.0.4) + useragent (0.16.11) + websocket-driver (0.8.0) + base64 websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) whenever (1.0.0) chronic (>= 0.6.3) - zeitwerk (2.7.1) + zeitwerk (2.7.3) PLATFORMS aarch64-linux @@ -550,7 +576,7 @@ DEPENDENCIES pry-byebug pry-rails puma - rails (~> 7.1.3) + rails (~> 7.2.2.2) rails-controller-testing resolv-replace responders diff --git a/bin/brakeman b/bin/brakeman new file mode 100755 index 00000000..ace1c9ba --- /dev/null +++ b/bin/brakeman @@ -0,0 +1,7 @@ +#!/usr/bin/env ruby +require "rubygems" +require "bundler/setup" + +ARGV.unshift("--ensure-latest") + +load Gem.bin_path("brakeman", "brakeman") diff --git a/bin/rubocop b/bin/rubocop new file mode 100755 index 00000000..40330c0f --- /dev/null +++ b/bin/rubocop @@ -0,0 +1,8 @@ +#!/usr/bin/env ruby +require "rubygems" +require "bundler/setup" + +# explicit rubocop config increases performance slightly while avoiding config confusion. +ARGV.unshift("--config", File.expand_path("../.rubocop.yml", __dir__)) + +load Gem.bin_path("rubocop", "rubocop") diff --git a/bin/setup b/bin/setup index cf2acd18..6d2d6577 100755 --- a/bin/setup +++ b/bin/setup @@ -1,8 +1,8 @@ #!/usr/bin/env ruby require "fileutils" -# path to your application root. APP_ROOT = File.expand_path("..", __dir__) +APP_NAME = "harvester-worker" def system!(*args) system(*args, exception: true) @@ -22,4 +22,8 @@ FileUtils.chdir APP_ROOT do puts "\n== Restarting application server ==" system! "bin/rails restart" + + # puts "\n== Configuring puma-dev ==" + # system "ln -nfs #{APP_ROOT} ~/.puma-dev/#{APP_NAME}" + # system "curl -Is https://#{APP_NAME}.test/up | head -n 1" end diff --git a/config/application.rb b/config/application.rb index fbbf1483..b6807f63 100644 --- a/config/application.rb +++ b/config/application.rb @@ -28,7 +28,7 @@ class Application < Rails::Application # Please, add to the `ignore` list any other `lib` subdirectories that do # not contain `.rb` files, or that should not be reloaded or eager loaded. # Common ones are `templates`, `generators`, or `middleware`, for example. - config.autoload_lib(ignore: %w(assets tasks)) + config.autoload_lib(ignore: %w[assets tasks]) # Configuration for the application, engines, and railties goes here. # @@ -54,4 +54,4 @@ class Application < Rails::Application # within the Application < Rails::Application block # seems to be overriden back to the default of UTC # ¯\_(ツ)_/¯ -Time.zone = 'Wellington' +Time.zone = 'Wellington' \ No newline at end of file diff --git a/config/environments/development.rb b/config/environments/development.rb index 46c7af97..91c4a59a 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -16,16 +16,14 @@ # Show full error reports. config.consider_all_requests_local = true - # Enable server timing + # Enable server timing. config.server_timing = true # Enable/disable caching. By default caching is disabled. # Run rails dev:cache to toggle caching. if Rails.root.join("tmp/caching-dev.txt").exist? config.cache_store = :memory_store - config.public_file_server.headers = { - "Cache-Control" => "public, max-age=#{2.days.to_i}" - } + config.public_file_server.headers = { "Cache-Control" => "public, max-age=#{2.days.to_i}" } else config.action_controller.perform_caching = false @@ -35,8 +33,12 @@ # Don't care if the mailer can't send. config.action_mailer.raise_delivery_errors = false + # Disable caching for Action Mailer templates even if Action Controller + # caching is enabled. config.action_mailer.perform_caching = false + config.action_mailer.default_url_options = { host: "localhost", port: 3000 } + # Print deprecation notices to the Rails logger. config.active_support.deprecation = :log @@ -53,11 +55,11 @@ # config.i18n.raise_on_missing_translations = true # Annotate rendered view with file names. - # config.action_view.annotate_rendered_view_with_filenames = true + config.action_view.annotate_rendered_view_with_filenames = true - # Raise error when a before_action's only/except options reference missing actions + # Raise error when a before_action's only/except options reference missing actions. config.action_controller.raise_on_missing_callback_actions = true - # CUSTOM CONFIG GOES UNDER - # this makes the upgrade process easier + # Apply autocorrection by RuboCop to files generated by `bin/rails generate`. + # config.generators.apply_rubocop_autocorrect_after_generate! end diff --git a/config/environments/production.rb b/config/environments/production.rb index 6aa4a33e..fd9b9065 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -41,6 +41,9 @@ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. config.force_ssl = true + # Skip http-to-https redirect for the default health check endpoint. + # config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } } + # Log to STDOUT by default config.logger = ActiveSupport::Logger.new(STDOUT) .tap { |logger| logger.formatter = ::Logger::Formatter.new } @@ -61,6 +64,8 @@ # config.active_job.queue_adapter = :resque # config.active_job.queue_name_prefix = "harvester_worker_production" + # Disable caching for Action Mailer templates even if Action Controller + # caching is enabled. config.action_mailer.perform_caching = false # Ignore bad email addresses and do not raise email delivery errors. @@ -79,7 +84,6 @@ # "example.com", # Allow requests from example.com # /.*\.example\.com/ # Allow requests from subdomains like `www.example.com` # ] - # Skip DNS rebinding protection for the default health check endpoint. # config.host_authorization = { exclude: ->(request) { request.path == "/up" } } @@ -106,5 +110,5 @@ config.log_level = ENV['LOG_LEVEL'] || :info config.log_tags = [:request_id] - config.logger = ActiveSupport::TaggedLogging.new(CustomLogger.new(STDOUT)) + config.logger = ActiveSupport::TaggedLogging.new(CustomLogger.new(STDOUT)) end diff --git a/config/environments/test.rb b/config/environments/test.rb index ecf288a7..73b9d090 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -20,10 +20,7 @@ config.eager_load = ENV["CI"].present? # Configure public file server for tests with Cache-Control for performance. - config.public_file_server.enabled = true - config.public_file_server.headers = { - "Cache-Control" => "public, max-age=#{1.hour.to_i}" - } + config.public_file_server.headers = { "Cache-Control" => "public, max-age=#{1.hour.to_i}" } # Show full error reports and disable caching. config.consider_all_requests_local = true @@ -36,6 +33,8 @@ # Disable request forgery protection in test environment. config.action_controller.allow_forgery_protection = false + # Disable caching for Action Mailer templates even if Action Controller + # caching is enabled. config.action_mailer.perform_caching = false # Tell Action Mailer not to deliver emails to the real world. @@ -43,6 +42,10 @@ # ActionMailer::Base.deliveries array. config.action_mailer.delivery_method = :test + # Unlike controllers, the mailer instance doesn't have any context about the + # incoming request so you'll need to provide the :host parameter yourself. + config.action_mailer.default_url_options = { host: "www.example.com" } + # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr @@ -58,6 +61,6 @@ # Annotate rendered view with file names. # config.action_view.annotate_rendered_view_with_filenames = true - # Raise error when a before_action's only/except options reference missing actions + # Raise error when a before_action's only/except options reference missing actions. config.action_controller.raise_on_missing_callback_actions = true end diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb index 7af62e59..0c5dd99a 100644 --- a/config/initializers/cors.rb +++ b/config/initializers/cors.rb @@ -1,5 +1,3 @@ -# frozen_string_literal: true - # Be sure to restart your server when you modify this file. # Avoid CORS issues when API is called from the frontend app. diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb index a119afa1..c010b83d 100644 --- a/config/initializers/filter_parameter_logging.rb +++ b/config/initializers/filter_parameter_logging.rb @@ -1,10 +1,8 @@ -# frozen_string_literal: true - # Be sure to restart your server when you modify this file. # Configure parameters to be partially matched (e.g. passw matches password) and filtered from the log file. # Use this to limit dissemination of sensitive information. # See the ActiveSupport::ParameterFilter documentation for supported notations and behaviors. Rails.application.config.filter_parameters += [ - :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn + :passw, :email, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn ] diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb index 9e049dcc..3860f659 100644 --- a/config/initializers/inflections.rb +++ b/config/initializers/inflections.rb @@ -1,5 +1,3 @@ -# frozen_string_literal: true - # Be sure to restart your server when you modify this file. # Add new inflection rules using the following format. Inflections diff --git a/config/initializers/new_framework_defaults_7_2.rb b/config/initializers/new_framework_defaults_7_2.rb new file mode 100644 index 00000000..b549c4a2 --- /dev/null +++ b/config/initializers/new_framework_defaults_7_2.rb @@ -0,0 +1,70 @@ +# Be sure to restart your server when you modify this file. +# +# This file eases your Rails 7.2 framework defaults upgrade. +# +# Uncomment each configuration one by one to switch to the new default. +# Once your application is ready to run with all new defaults, you can remove +# this file and set the `config.load_defaults` to `7.2`. +# +# Read the Guide for Upgrading Ruby on Rails for more info on each option. +# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html + +### +# Controls whether Active Job's `#perform_later` and similar methods automatically defer +# the job queuing to after the current Active Record transaction is committed. +# +# Example: +# Topic.transaction do +# topic = Topic.create(...) +# NewTopicNotificationJob.perform_later(topic) +# end +# +# In this example, if the configuration is set to `:never`, the job will +# be enqueued immediately, even though the `Topic` hasn't been committed yet. +# Because of this, if the job is picked up almost immediately, or if the +# transaction doesn't succeed for some reason, the job will fail to find this +# topic in the database. +# +# If `enqueue_after_transaction_commit` is set to `:default`, the queue adapter +# will define the behaviour. +# +# Note: Active Job backends can disable this feature. This is generally done by +# backends that use the same database as Active Record as a queue, hence they +# don't need this feature. +#++ +# Rails.application.config.active_job.enqueue_after_transaction_commit = :default + +### +# Adds image/webp to the list of content types Active Storage considers as an image +# Prevents automatic conversion to a fallback PNG, and assumes clients support WebP, as they support gif, jpeg, and png. +# This is possible due to broad browser support for WebP, but older browsers and email clients may still not support +# WebP. Requires imagemagick/libvips built with WebP support. +#++ +# Rails.application.config.active_storage.web_image_content_types = %w[image/png image/jpeg image/gif image/webp] + +### +# Enable validation of migration timestamps. When set, an ActiveRecord::InvalidMigrationTimestampError +# will be raised if the timestamp prefix for a migration is more than a day ahead of the timestamp +# associated with the current time. This is done to prevent forward-dating of migration files, which can +# impact migration generation and other migration commands. +# +# Applications with existing timestamped migrations that do not adhere to the +# expected format can disable validation by setting this config to `false`. +#++ +# Rails.application.config.active_record.validate_migration_timestamps = true + +### +# Controls whether the PostgresqlAdapter should decode dates automatically with manual queries. +# +# Example: +# ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.select_value("select '2024-01-01'::date") #=> Date +# +# This query used to return a `String`. +#++ +# Rails.application.config.active_record.postgresql_adapter_decode_dates = true + +### +# Enables YJIT as of Ruby 3.3, to bring sizeable performance improvements. If you are +# deploying to a memory constrained environment you may want to set this to `false`. +#++ +# Rails.application.config.yjit = true diff --git a/config/puma.rb b/config/puma.rb index a83041ca..03c166f4 100644 --- a/config/puma.rb +++ b/config/puma.rb @@ -1,44 +1,34 @@ -# frozen_string_literal: true +# This configuration file will be evaluated by Puma. The top-level methods that +# are invoked here are part of Puma's configuration DSL. For more information +# about methods provided by the DSL, see https://puma.io/puma/Puma/DSL.html. -# To avoid SIGTERMS on scaledown in ElasticAPM -# https://www.rubydoc.info/gems/puma/Puma%2FDSL:raise_exception_on_sigterm -raise_exception_on_sigterm false - -# Puma can serve each request in a thread from an internal thread pool. -# The `threads` method setting takes two numbers: a minimum and maximum. -# Any libraries that use thread pools should be configured to match -# the maximum value specified for Puma. Default is set to 5 threads for minimum -# and maximum; this matches the default thread size of Active Record. +# Puma starts a configurable number of processes (workers) and each process +# serves each request in a thread from an internal thread pool. # -max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 } -min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count } -threads min_threads_count, max_threads_count - -# Specifies the `port` that Puma will listen on to receive requests; default is 3000. +# The ideal number of threads per worker depends both on how much time the +# application spends waiting for IO operations and on how much you wish to +# to prioritize throughput over latency. # -port ENV.fetch("PORT") { 3000 } - -# Specifies the `environment` that Puma will run in. +# As a rule of thumb, increasing the number of threads will increase how much +# traffic a given process can handle (throughput), but due to CRuby's +# Global VM Lock (GVL) it has diminishing returns and will degrade the +# response time (latency) of the application. # -environment ENV.fetch("RAILS_ENV") { "development" } - -# Specifies the `pidfile` that Puma will use. -pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" } - -# Specifies the number of `workers` to boot in clustered mode. -# Workers are forked web server processes. If using threads and workers together -# the concurrency of the application would be max `threads` * `workers`. -# Workers do not work on JRuby or Windows (both of which do not support -# processes). +# The default is set to 3 threads as it's deemed a decent compromise between +# throughput and latency for the average Rails application. # -# workers ENV.fetch("WEB_CONCURRENCY") { 2 } +# Any libraries that use a connection pool or another resource pool should +# be configured to provide at least as many connections as the number of +# threads. This includes Active Record's `pool` parameter in `database.yml`. +threads_count = ENV.fetch("RAILS_MAX_THREADS", 3) +threads threads_count, threads_count -# Use the `preload_app!` method when specifying a `workers` number. -# This directive tells Puma to first boot the application and load code -# before forking the application. This takes advantage of Copy On Write -# process behavior so workers use less memory. -# -# preload_app! +# Specifies the `port` that Puma will listen on to receive requests; default is 3000. +port ENV.fetch("PORT", 3000) -# Allow puma to be restarted by `rails restart` command. +# Allow puma to be restarted by `bin/rails restart` command. plugin :tmp_restart + +# Specify the PID file. Defaults to tmp/pids/server.pid in development. +# In other environments, only set the PID file if requested. +pidfile ENV["PIDFILE"] if ENV["PIDFILE"] From 36206e47481d2756926aa02ecbb0f4fcdf610b00 Mon Sep 17 00:00:00 2001 From: Tim Wright Date: Fri, 10 Oct 2025 14:34:35 +1300 Subject: [PATCH 2/4] fix spec --- spec/models/harvest_job_spec.rb | 2 +- spec/workers/api_delete_worker_spec.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/models/harvest_job_spec.rb b/spec/models/harvest_job_spec.rb index 33526921..9353b8c3 100644 --- a/spec/models/harvest_job_spec.rb +++ b/spec/models/harvest_job_spec.rb @@ -145,7 +145,7 @@ job.finish! end - it 'does not flush records if a harvest failure occured' do + it 'does not flush records if a harvest failure occurred' do job.build_harvest_failure expect(job).to_not receive(:flush_old_records) job.finish! diff --git a/spec/workers/api_delete_worker_spec.rb b/spec/workers/api_delete_worker_spec.rb index f3859830..cb31a3bc 100644 --- a/spec/workers/api_delete_worker_spec.rb +++ b/spec/workers/api_delete_worker_spec.rb @@ -54,7 +54,7 @@ it 'creates a new instance of FailedRecord' do described_class.within_sidekiq_retries_exhausted_block do - expect(FailedRecord).to receive(:new).with(exception_class: 'ApiDeleteWorker', message: 'An error occured', backtrace: nil, raw_data: '[]') + expect(FailedRecord).to receive(:new).with(exception_class: 'ApiDeleteWorker', message: 'An error occurred', backtrace: nil, raw_data: '[]') end end From 39cc6091b9e5b464f7bd4d6724d5e92811be3640 Mon Sep 17 00:00:00 2001 From: Tim Wright Date: Fri, 10 Oct 2025 15:26:48 +1300 Subject: [PATCH 3/4] code review tidy up --- Gemfile | 4 +--- Gemfile.lock | 3 +-- bin/setup | 4 ---- config/environments/production.rb | 3 --- 4 files changed, 2 insertions(+), 12 deletions(-) diff --git a/Gemfile b/Gemfile index 95e32de2..e940b2e6 100644 --- a/Gemfile +++ b/Gemfile @@ -19,9 +19,7 @@ gem 'puma' gem 'rails', '~> 7.2.2.2' gem 'responders' gem 'sidekiq', '~> 7.0' -# gem 'supplejack_common', path: '~/Dev/supplejack/gems/supplejack_common' -# gem 'supplejack_common', github: 'DigitalNZ/supplejack_common', branch: 'pm/upgrade' -gem 'supplejack_common', github: 'DigitalNZ/supplejack_common', branch: 'tw/rails-7-2' +gem 'supplejack_common', github: 'DigitalNZ/supplejack_common' gem 'whenever', require: false gem 'brakeman' gem 'amazing_print' diff --git a/Gemfile.lock b/Gemfile.lock index ddbccd40..d80ea1cd 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,7 +1,6 @@ GIT remote: https://github.com/DigitalNZ/supplejack_common - revision: 34fa563e573bf7baf86c11cae3e3877274c30277 - branch: tw/rails-7-2 + revision: 94c9642853241d1eb714cec43be5d3992e29f9fa specs: supplejack_common (3.0.0) actionpack (~> 7.2.2.2) diff --git a/bin/setup b/bin/setup index 6d2d6577..4fb9d63f 100755 --- a/bin/setup +++ b/bin/setup @@ -22,8 +22,4 @@ FileUtils.chdir APP_ROOT do puts "\n== Restarting application server ==" system! "bin/rails restart" - - # puts "\n== Configuring puma-dev ==" - # system "ln -nfs #{APP_ROOT} ~/.puma-dev/#{APP_NAME}" - # system "curl -Is https://#{APP_NAME}.test/up | head -n 1" end diff --git a/config/environments/production.rb b/config/environments/production.rb index fd9b9065..da088d85 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -41,9 +41,6 @@ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. config.force_ssl = true - # Skip http-to-https redirect for the default health check endpoint. - # config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } } - # Log to STDOUT by default config.logger = ActiveSupport::Logger.new(STDOUT) .tap { |logger| logger.formatter = ::Logger::Formatter.new } From 75f08bc5e6f7e470a81c40ee6913dbef5753e53f Mon Sep 17 00:00:00 2001 From: Tim Wright Date: Wed, 15 Oct 2025 11:46:41 +1300 Subject: [PATCH 4/4] use tag v3.0.3 --- Gemfile | 2 +- Gemfile.lock | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index e940b2e6..92487b8a 100644 --- a/Gemfile +++ b/Gemfile @@ -19,7 +19,7 @@ gem 'puma' gem 'rails', '~> 7.2.2.2' gem 'responders' gem 'sidekiq', '~> 7.0' -gem 'supplejack_common', github: 'DigitalNZ/supplejack_common' +gem 'supplejack_common', github: 'DigitalNZ/supplejack_common', tag: 'v3.0.3' gem 'whenever', require: false gem 'brakeman' gem 'amazing_print' diff --git a/Gemfile.lock b/Gemfile.lock index d80ea1cd..dc8afcbe 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,6 +1,7 @@ GIT remote: https://github.com/DigitalNZ/supplejack_common revision: 94c9642853241d1eb714cec43be5d3992e29f9fa + tag: v3.0.3 specs: supplejack_common (3.0.0) actionpack (~> 7.2.2.2)