diff --git a/.github/workflows/feature_tests.yml b/.github/workflows/feature_tests.yml index 2f32f62b4e..edc743b834 100644 --- a/.github/workflows/feature_tests.yml +++ b/.github/workflows/feature_tests.yml @@ -9,7 +9,7 @@ jobs: services: postgres: - image: postgis/postgis:11-2.5 + image: postgis/postgis:14-3.4 ports: - "5432:5432" env: diff --git a/.github/workflows/unit_tests.yml b/.github/workflows/unit_tests.yml index 45514b93bb..cc1ff61b4b 100644 --- a/.github/workflows/unit_tests.yml +++ b/.github/workflows/unit_tests.yml @@ -19,7 +19,7 @@ jobs: services: postgres: - image: postgis/postgis:11-2.5 + image: postgis/postgis:14-3.4 ports: - "5432:5432" env: diff --git a/Gemfile b/Gemfile index 4f32bfd9d1..63fbb3f3e6 100644 --- a/Gemfile +++ b/Gemfile @@ -4,7 +4,7 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" } ruby '3.2.2' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem 'rails', '~> 7.0.8' +gem 'rails', '~> 7.1.3' # Use postgresql as the database for Active Record gem 'pg', '>= 0.18', '< 2.0' # Use Puma as the app server diff --git a/Gemfile.lock b/Gemfile.lock index b6f9e73aef..ab9d188d1a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -12,78 +12,87 @@ GEM specs: aasm (5.5.0) concurrent-ruby (~> 1.0) - actioncable (7.0.8) - actionpack (= 7.0.8) - activesupport (= 7.0.8) + actioncable (7.1.3.2) + actionpack (= 7.1.3.2) + activesupport (= 7.1.3.2) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (7.0.8) - actionpack (= 7.0.8) - activejob (= 7.0.8) - activerecord (= 7.0.8) - activestorage (= 7.0.8) - activesupport (= 7.0.8) + zeitwerk (~> 2.6) + actionmailbox (7.1.3.2) + actionpack (= 7.1.3.2) + activejob (= 7.1.3.2) + activerecord (= 7.1.3.2) + activestorage (= 7.1.3.2) + activesupport (= 7.1.3.2) mail (>= 2.7.1) net-imap net-pop net-smtp - actionmailer (7.0.8) - actionpack (= 7.0.8) - actionview (= 7.0.8) - activejob (= 7.0.8) - activesupport (= 7.0.8) + actionmailer (7.1.3.2) + actionpack (= 7.1.3.2) + actionview (= 7.1.3.2) + activejob (= 7.1.3.2) + activesupport (= 7.1.3.2) mail (~> 2.5, >= 2.5.4) net-imap net-pop net-smtp - rails-dom-testing (~> 2.0) - actionpack (7.0.8) - actionview (= 7.0.8) - activesupport (= 7.0.8) - rack (~> 2.0, >= 2.2.4) + rails-dom-testing (~> 2.2) + actionpack (7.1.3.2) + actionview (= 7.1.3.2) + activesupport (= 7.1.3.2) + nokogiri (>= 1.8.5) + racc + rack (>= 2.2.4) + rack-session (>= 1.0.1) rack-test (>= 0.6.3) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (7.0.8) - actionpack (= 7.0.8) - activerecord (= 7.0.8) - activestorage (= 7.0.8) - activesupport (= 7.0.8) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + actiontext (7.1.3.2) + actionpack (= 7.1.3.2) + activerecord (= 7.1.3.2) + activestorage (= 7.1.3.2) + activesupport (= 7.1.3.2) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.0.8) - activesupport (= 7.0.8) + actionview (7.1.3.2) + activesupport (= 7.1.3.2) builder (~> 3.1) - erubi (~> 1.4) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.1, >= 1.2.0) - active_storage_validations (1.1.3) + erubi (~> 1.11) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + active_storage_validations (1.1.4) activejob (>= 5.2.0) activemodel (>= 5.2.0) activestorage (>= 5.2.0) activesupport (>= 5.2.0) - activejob (7.0.8) - activesupport (= 7.0.8) + activejob (7.1.3.2) + activesupport (= 7.1.3.2) globalid (>= 0.3.6) - activemodel (7.0.8) - activesupport (= 7.0.8) - activerecord (7.0.8) - activemodel (= 7.0.8) - activesupport (= 7.0.8) - activerecord-postgis-adapter (8.0.3) - activerecord (~> 7.0.0) + activemodel (7.1.3.2) + activesupport (= 7.1.3.2) + activerecord (7.1.3.2) + activemodel (= 7.1.3.2) + activesupport (= 7.1.3.2) + timeout (>= 0.4.0) + activerecord-postgis-adapter (9.0.1) + activerecord (~> 7.1.0) rgeo-activerecord (~> 7.0.0) - activestorage (7.0.8) - actionpack (= 7.0.8) - activejob (= 7.0.8) - activerecord (= 7.0.8) - activesupport (= 7.0.8) + activestorage (7.1.3.2) + actionpack (= 7.1.3.2) + activejob (= 7.1.3.2) + activerecord (= 7.1.3.2) + activesupport (= 7.1.3.2) marcel (~> 1.0) - mini_mime (>= 1.1.0) - activesupport (7.0.8) + activesupport (7.1.3.2) + base64 + bigdecimal concurrent-ruby (~> 1.0, >= 1.0.2) + connection_pool (>= 2.2.5) + drb i18n (>= 1.6, < 2) minitest (>= 5.1) + mutex_m tzinfo (~> 2.0) addressable (2.8.6) public_suffix (>= 2.0.2, < 6.0) @@ -139,6 +148,7 @@ GEM erubi (~> 1.4) parser (>= 2.4) smart_properties + bigdecimal (3.1.6) bindata (2.4.15) binding_of_caller (1.0.0) debug_inspector (>= 0.0.1) @@ -226,6 +236,8 @@ GEM dotenv-rails (2.8.1) dotenv (= 2.8.1) railties (>= 3.2) + drb (2.2.0) + ruby2_keywords dumb_delegator (1.0.0) erubi (1.12.0) excon (0.104.0) @@ -288,6 +300,10 @@ GEM terminal-table (>= 1.5.1) ice_nine (0.11.2) interception (0.5) + io-console (0.7.2) + irb (1.11.2) + rdoc + reline (>= 0.4.2) jbuilder (2.11.5) actionview (>= 5.0.0) activesupport (>= 5.0.0) @@ -344,6 +360,7 @@ GEM multi_xml (0.6.0) mustermann (3.0.0) ruby2_keywords (~> 0.0.1) + mutex_m (0.2.0) net-imap (0.3.7) date net-protocol @@ -411,6 +428,8 @@ GEM pry-stack_explorer (0.6.1) binding_of_caller (~> 1.0) pry (~> 0.13) + psych (5.1.2) + stringio public_suffix (5.0.4) puma (6.4.2) nio4r (~> 2.0) @@ -427,22 +446,27 @@ GEM rack (~> 2.2, >= 2.2.4) rack-proxy (0.7.7) rack + rack-session (1.0.2) + rack (< 3) rack-test (2.1.0) rack (>= 1.3) - rails (7.0.8) - actioncable (= 7.0.8) - actionmailbox (= 7.0.8) - actionmailer (= 7.0.8) - actionpack (= 7.0.8) - actiontext (= 7.0.8) - actionview (= 7.0.8) - activejob (= 7.0.8) - activemodel (= 7.0.8) - activerecord (= 7.0.8) - activestorage (= 7.0.8) - activesupport (= 7.0.8) + rackup (1.0.0) + rack (< 3) + webrick + rails (7.1.3.2) + actioncable (= 7.1.3.2) + actionmailbox (= 7.1.3.2) + actionmailer (= 7.1.3.2) + actionpack (= 7.1.3.2) + actiontext (= 7.1.3.2) + actionview (= 7.1.3.2) + activejob (= 7.1.3.2) + activemodel (= 7.1.3.2) + activerecord (= 7.1.3.2) + activestorage (= 7.1.3.2) + activesupport (= 7.1.3.2) bundler (>= 1.15.0) - railties (= 7.0.8) + railties (= 7.1.3.2) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) @@ -457,13 +481,14 @@ GEM rails-i18n (7.0.8) i18n (>= 0.7, < 2) railties (>= 6.0.0, < 8) - railties (7.0.8) - actionpack (= 7.0.8) - activesupport (= 7.0.8) - method_source + railties (7.1.3.2) + actionpack (= 7.1.3.2) + activesupport (= 7.1.3.2) + irb + rackup (>= 1.0.0) rake (>= 12.2) - thor (~> 1.0) - zeitwerk (~> 2.5) + thor (~> 1.0, >= 1.2.2) + zeitwerk (~> 2.6) rainbow (3.1.1) rake (13.1.0) rash_alt (0.4.12) @@ -476,9 +501,13 @@ GEM rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) + rdoc (6.6.2) + psych (>= 4.0.0) redis-client (0.18.0) connection_pool regexp_parser (2.9.0) + reline (0.4.2) + io-console (~> 0.5) responders (3.1.1) actionpack (>= 5.2) railties (>= 5.2) @@ -558,7 +587,7 @@ GEM rubyzip (>= 1.2.2, < 3.0) websocket (~> 1.0) semantic_range (3.0.0) - shakapacker (7.2.1) + shakapacker (7.2.2) activesupport (>= 5.2) package_json rack-proxy (>= 0.6.1) @@ -600,6 +629,7 @@ GEM actionpack (>= 5.2) activesupport (>= 5.2) sprockets (>= 3.0.0) + stringio (3.1.0) swd (1.3.0) activesupport (>= 3) attr_required (>= 0.0.5) @@ -646,6 +676,7 @@ GEM addressable (>= 2.8.0) crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) + webrick (1.8.1) websocket (1.2.10) websocket-driver (0.7.6) websocket-extensions (>= 0.1.0) @@ -706,7 +737,7 @@ DEPENDENCIES pry-rescue pry-stack_explorer puma (~> 6.4) - rails (~> 7.0.8) + rails (~> 7.1.3) rails-controller-testing (>= 1.0.5) ratonvirus (>= 0.1.1) ratonvirus-clamby (>= 0.1.0) diff --git a/app/models/admin/upload.rb b/app/models/admin/upload.rb index d89f01497a..6d24b3ac34 100644 --- a/app/models/admin/upload.rb +++ b/app/models/admin/upload.rb @@ -4,7 +4,7 @@ class Admin::Upload < ApplicationRecord self.abstract_class = true default_scope { order(created_at: :desc) } - serialize :import_errors, Array + serialize :import_errors, type: Array, coder: YAML validate :supplier_files_validation, on: :upload diff --git a/app/models/generic_journey.rb b/app/models/generic_journey.rb index 4474748264..896da3965c 100644 --- a/app/models/generic_journey.rb +++ b/app/models/generic_journey.rb @@ -3,20 +3,23 @@ class GenericJourney def initialize(first_step_class, framework, slug, params, paths) @steps = [] - @params = ActiveSupport::HashWithIndifferentAccess.new + @params = ActionController::Parameters.new @paths = paths @framework = framework klass = first_step_class + permitted_params = Set.new + loop do - permitted = params.permit(klass.permit_list) - step = klass.new(permitted) - @params.merge! permitted + permitted_params.merge(klass.permit_list) + step = klass.new(params.permit(klass.permit_list)) @steps << step - return if step.slug == slug || step.invalid? || step.final? + break if step.slug == slug || step.invalid? || step.final? klass = step.next_step_class end + + @params = params.permit(permitted_params.to_a) end def first_step diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index b6339c18d8..e02297e36a 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -30,7 +30,7 @@ document.body.className = ((document.body.className) ? document.body.className + ' js-enabled' : 'js-enabled'); <% end -%> <% if Rails.env.production? && user_signed_in? %> - <%= auto_session_timeout_js %> + <%= auto_session_timeout_js(attributes: { nonce: true }) %> <% end %>
diff --git a/bin/rails b/bin/rails index 0739660237..efc0377492 100755 --- a/bin/rails +++ b/bin/rails @@ -1,4 +1,4 @@ #!/usr/bin/env ruby -APP_PATH = File.expand_path('../config/application', __dir__) -require_relative '../config/boot' -require 'rails/commands' +APP_PATH = File.expand_path("../config/application", __dir__) +require_relative "../config/boot" +require "rails/commands" diff --git a/bin/rake b/bin/rake index 17240489f6..4fbf10b960 100755 --- a/bin/rake +++ b/bin/rake @@ -1,4 +1,4 @@ #!/usr/bin/env ruby -require_relative '../config/boot' -require 'rake' +require_relative "../config/boot" +require "rake" Rake.application.run diff --git a/bin/setup b/bin/setup index 2d33af1a60..953e7acb8d 100755 --- a/bin/setup +++ b/bin/setup @@ -1,36 +1,36 @@ #!/usr/bin/env ruby -require 'fileutils' +require "fileutils" # path to your application root. -APP_ROOT = File.expand_path('..', __dir__) +APP_ROOT = File.expand_path("..", __dir__) def system!(*args) - system(*args) || abort("\n== Command #{args} failed ==") + system(*args, exception: true) end FileUtils.chdir APP_ROOT do - # This script is a way to setup or update your development environment automatically. - # This script is idempotent, so that you can run it at anytime and get an expectable outcome. + # This script is a way to set up or update your development environment automatically. + # This script is idempotent, so that you can run it at any time and get an expectable outcome. # Add necessary setup steps to this file. - puts '== Installing dependencies ==' - system! 'gem install bundler --conservative' - system('bundle check') || system!('bundle install') + puts "== Installing dependencies ==" + system! "gem install bundler --conservative" + system("bundle check") || system!("bundle install") # Install JavaScript dependencies - system('bin/yarn') + system("bin/yarn") # puts "\n== Copying sample files ==" - # unless File.exist?('config/database.yml') - # FileUtils.cp 'config/database.yml.sample', 'config/database.yml' + # unless File.exist?("config/database.yml") + # FileUtils.cp "config/database.yml.sample", "config/database.yml" # end puts "\n== Preparing database ==" - system! 'bin/rails db:prepare' + system! "bin/rails db:prepare" puts "\n== Removing old logs and tempfiles ==" - system! 'bin/rails log:clear tmp:clear' + system! "bin/rails log:clear tmp:clear" puts "\n== Restarting application server ==" - system! 'bin/rails restart' + system! "bin/rails restart" end diff --git a/config/application.rb b/config/application.rb index c79b6cfbe8..f84a40a1b8 100644 --- a/config/application.rb +++ b/config/application.rb @@ -22,12 +22,27 @@ module Marketplace class Application < Rails::Application # Initialize configuration defaults for originally generated Rails version. - config.load_defaults 7.0 + config.load_defaults 7.1 + + config.active_support.cache_format_version = 7.1 + + # Please, add to the `ignore` list any other `lib` subdirectories that do + # not contain `.rb` files, or that should not be reloaded or eager loaded. + # Common ones are `templates`, `generators`, or `middleware`, for example. + config.autoload_lib(ignore: %w[assets tasks cop ext]) Rails.autoloaders.main.ignore(Rails.root.join('storage')) config.autoload_paths += %W[#{config.root}/app/workers #{config.root}/storage] + # Configuration for the application, engines, and railties goes here. + # + # These settings can be overridden in specific environments using the files + # in config/environments, which are processed later. + # + # config.time_zone = "Central Time (US & Canada)" + # config.eager_load_paths << Rails.root.join("extras") + # Settings in config/environments/* take precedence over those specified here. # Application configuration can go into files in config/initializers # -- all .rb files in that directory are automatically loaded after loading diff --git a/config/environments/development.rb b/config/environments/development.rb index a1505f30e6..95ce15316b 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -6,7 +6,7 @@ # In the development environment your application's code is reloaded any time # it changes. This slows down response time but is perfect for development # since you don't have to restart the web server when you make code changes. - config.cache_classes = false + config.enable_reloading = true # Do not eager load code on boot. config.eager_load = false @@ -41,8 +41,6 @@ config.action_mailer.perform_caching = false - config.action_mailer.default_url_options = { host: 'localhost', port: 4000 } - # Print deprecation notices to the Rails logger. config.active_support.deprecation = :log @@ -58,35 +56,20 @@ # Highlight code that triggered database queries in logs. config.active_record.verbose_query_logs = true - # Debug mode disables concatenation and preprocessing of assets. - # This option may cause significant delays in view rendering with a large - # number of complex assets. - config.assets.debug = true + # Highlight code that enqueued background job in logs. + config.active_job.verbose_enqueue_logs = true # Suppress logger output for asset requests. config.assets.quiet = true - # Do not create gzip copies - config.assets.gzip = false - # Raises error for missing translations. # config.i18n.raise_on_missing_translations = true # Annotate rendered view with file names. # config.action_view.annotate_rendered_view_with_filenames = true - # Uncomment if you wish to allow Action Cable access from any origin. - # config.action_cable.disable_request_forgery_protection = true - - # Use an evented file watcher to asynchronously detect changes in source code, - # routes, locales, etc. This feature depends on the listen gem. - config.file_watcher = ActiveSupport::EventedFileUpdateChecker - - config.log_level = ENV['LOG_LEVEL'].present? ? ENV['LOG_LEVEL'] : :DEBUG - config.logger = ActiveSupport::Logger.new("log/#{Rails.env}_new.log") - config.logger.formatter = proc do |severity, datetime, prog_name, msg, other| - "#{datetime.strftime('%I:%M%p')}, #{severity}: #{msg} #{'from' if prog_name.present?} #{prog_name} #{other} \n" - end + # Raise error when a before_action's only/except options reference missing actions + config.action_controller.raise_on_missing_callback_actions = true end if Rails.env.development? diff --git a/config/environments/production.rb b/config/environments/production.rb index b2bc01560b..eb5854f372 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -4,7 +4,7 @@ # Settings specified here will take precedence over those in config/application.rb. # Code is not reloaded between requests. - config.cache_classes = true + config.enable_reloading = false # Eager load code on boot. This eager loads most of Rails and # your application in memory, allowing both threaded web servers @@ -16,13 +16,12 @@ config.consider_all_requests_local = false config.action_controller.perform_caching = true - # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"] - # or in config/master.key. This key is used to decrypt credentials (and other encrypted files). + # Ensures that a master key has been made available in ENV["RAILS_MASTER_KEY"], config/master.key, or an environment + # key such as config/credentials/production.key. This key is used to decrypt credentials (and other encrypted files). # config.require_master_key = true - # Disable serving static files from the `/public` folder by default since - # Apache or NGINX already handles this. - config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present? + # Enable static file serving from the `/public` folder (turn off if using NGINX/Apache for it). + config.public_file_server.enabled = true # Compress the sass with sassc config.sass.style = :compressed @@ -30,9 +29,6 @@ # Do not fallback to assets pipeline if a precompiled asset is missed. config.assets.compile = false - # Do not create gzip copies - config.assets.gzip = false - # Enable serving of images, stylesheets, and JavaScripts from an asset server. # config.asset_host = "http://assets.example.com" @@ -40,19 +36,29 @@ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX - # Store uploaded files on the local file system (see config/storage.yml for options) + # Store uploaded files on the local file system (see config/storage.yml for options). config.active_storage.service = :amazon + # Assume all access to the app is happening through a SSL-terminating reverse proxy. + # Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies. + # config.assume_ssl = true + # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. config.force_ssl = true - # Use the lowest log level to ensure availability of diagnostic information - # when problems arise. - config.log_level = ENV['LOG_LEVEL'].present? ? ENV['LOG_LEVEL'] : :info + # Log to STDOUT by default + config.logger = ActiveSupport::Logger.new($stdout) + .tap { |logger| logger.formatter = Logger::Formatter.new } + .then { |logger| ActiveSupport::TaggedLogging.new(logger) } # Prepend all log lines with the following tags. config.log_tags = [:request_id] + # Info include generic and useful information about system operation, but avoids logging too much + # information to avoid inadvertent exposure of personally identifiable information (PII). If you + # want to log everything, set the level to "debug". + config.log_level = ENV.fetch('RAILS_LOG_LEVEL', 'info') + # Use a different cache store in production. # config.cache_store = :mem_cache_store @@ -73,31 +79,19 @@ # Don't log any deprecations. config.active_support.report_deprecations = false - # Send deprecation notices to registered listeners. - config.active_support.deprecation = :notify - - # Use default logging formatter so that PID and timestamp are not suppressed. - config.log_formatter = Logger::Formatter.new - - # Use a different logger for distributed setups. - # require 'syslog/logger' - # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name') - - if ENV['RAILS_LOG_TO_STDOUT'].present? - logger = ActiveSupport::Logger.new($stdout) - logger.formatter = config.log_formatter - config.logger = ActiveSupport::TaggedLogging.new(logger) - end + # Do not dump schema after migrations. + config.active_record.dump_schema_after_migration = false + # Config for assets config.assets.initialize_on_precompile = true config.action_controller.asset_host = "//#{ENV.fetch('ASSETS_BUCKET', nil)}.s3.amazonaws.com/" config.assets.digest = true config.assets.enabled = true config.fail_silently = true - # Do not dump schema after migrations. - config.active_record.dump_schema_after_migration = false - - # Prevents against DNS rebinding and other Host header attacks. + # Enable DNS rebinding protection and other `Host` header attacks. config.hosts << ENV.fetch('ENVIRONMENT_HOST', nil) + + # Skip DNS rebinding protection for the default health check endpoint. + # config.host_authorization = { exclude: ->(request) { request.path == "/up" } } end diff --git a/config/environments/test.rb b/config/environments/test.rb index c89f4039c8..3b958189ca 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -8,12 +8,13 @@ Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - # Turn false under Spring and add config.action_view.cache_template_loading = true. - config.cache_classes = true + # While tests run files are not watched, reloading is not necessary. + config.enable_reloading = false - # Eager loading loads your whole application. When running a single test locally, - # this probably isn't necessary. It's a good idea to do in a continuous integration - # system, or in some way before deploying your code. + # Eager loading loads your entire application. When running a single test locally, + # this is usually not necessary, and can slow down your test suite. However, it's + # recommended that you enable it in continuous integration systems to ensure eager + # loading is working properly before deploying your code. config.eager_load = ENV['CI'].present? # Configure public file server for tests with Cache-Control for performance. @@ -28,12 +29,12 @@ config.cache_store = :null_store # Raise exceptions instead of rendering exception templates. - config.action_dispatch.show_exceptions = false + config.action_dispatch.show_exceptions = :rescuable # Disable request forgery protection in test environment. config.action_controller.allow_forgery_protection = false - # Store uploaded files on the local file system in a temporary directory + # Store uploaded files on the local file system in a temporary directory. config.active_storage.service = :test config.action_mailer.perform_caching = false @@ -46,9 +47,6 @@ # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr - # Do not create gzip copies - config.assets.gzip = false - # Raise exceptions for disallowed deprecations. config.active_support.disallowed_deprecation = :raise @@ -61,10 +59,6 @@ # Annotate rendered view with file names. # config.action_view.annotate_rendered_view_with_filenames = true - # enable to find N+1 queries in specs - # config.after_initialize do - # Bullet.enable = true - # Bullet.bullet_logger = true - # Bullet.raise = true - # end + # Raise error when a before_action's only/except options reference missing actions + config.action_controller.raise_on_missing_callback_actions = true end diff --git a/config/initializers/assets.rb b/config/initializers/assets.rb index 479a6387e7..d8f1515ee1 100644 --- a/config/initializers/assets.rb +++ b/config/initializers/assets.rb @@ -1,4 +1,5 @@ # Be sure to restart your server when you modify this file. + # Version of your assets, change this if you want to expire all your assets. Rails.application.config.assets.version = '1.0' diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb index 166997c5a5..262e86202d 100644 --- a/config/initializers/filter_parameter_logging.rb +++ b/config/initializers/filter_parameter_logging.rb @@ -1,8 +1,8 @@ # Be sure to restart your server when you modify this file. -# Configure parameters to be filtered from the log file. Use this to limit dissemination of -# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported -# notations and behaviors. +# Configure parameters to be partially matched (e.g. passw matches password) and filtered from the log file. +# Use this to limit dissemination of sensitive information. +# See the ActiveSupport::ParameterFilter documentation for supported notations and behaviors. Rails.application.config.filter_parameters += %i[ passw secret token _key crypt salt certificate otp ssn ] diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb index 65fb9b0032..64e45e982a 100644 --- a/config/initializers/inflections.rb +++ b/config/initializers/inflections.rb @@ -4,9 +4,9 @@ # are locale specific, and you may define rules for as many different # locales as you wish. All of these examples are active by default: # ActiveSupport::Inflector.inflections(:en) do |inflect| -# inflect.plural /^(ox)$/i, '\1en' -# inflect.singular /^(ox)en/i, '\1' -# inflect.irregular 'person', 'people' +# inflect.plural /^(ox)$/i, "\\1en" +# inflect.singular /^(ox)en/i, "\\1" +# inflect.irregular "person", "people" # inflect.uncountable %w( fish sheep ) # end diff --git a/config/initializers/permissions_policy.rb b/config/initializers/permissions_policy.rb index 00f64d71b0..7db3b9577e 100644 --- a/config/initializers/permissions_policy.rb +++ b/config/initializers/permissions_policy.rb @@ -1,11 +1,13 @@ +# Be sure to restart your server when you modify this file. + # Define an application-wide HTTP permissions policy. For further -# information see https://developers.google.com/web/updates/2018/06/feature-policy -# -# Rails.application.config.permissions_policy do |f| -# f.camera :none -# f.gyroscope :none -# f.microphone :none -# f.usb :none -# f.fullscreen :self -# f.payment :self, "https://secure.example.com" +# information see: https://developers.google.com/web/updates/2018/06/feature-policy + +# Rails.application.config.permissions_policy do |policy| +# policy.camera :none +# policy.gyroscope :none +# policy.microphone :none +# policy.usb :none +# policy.fullscreen :self +# policy.payment :self, "https://secure.example.com" # end diff --git a/db/schema.rb b/db/schema.rb index e2db523a0a..5975638948 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema[7.0].define(version: 2023_03_14_113131) do +ActiveRecord::Schema[7.1].define(version: 2023_03_14_113131) do # These are extensions that must be enabled in order to support this database enable_extension "pgcrypto" enable_extension "plpgsql" diff --git a/lib/tasks/rubocop.rake b/lib/tasks/rubocop.rake index f8ac99f88a..b85927eef6 100644 --- a/lib/tasks/rubocop.rake +++ b/lib/tasks/rubocop.rake @@ -1,4 +1,4 @@ -if Rails.env.development? || Rails.env.test? +if Rails.env.local? require 'rubocop/rake_task' RuboCop::RakeTask.new diff --git a/package.json b/package.json index c80849655c..0bb9ce5acb 100644 --- a/package.json +++ b/package.json @@ -6,7 +6,7 @@ "@babel/plugin-transform-runtime": "^7.23.7", "@babel/preset-typescript": "^7.23.3", "@babel/runtime": "^7.23.9", - "@rails/ujs": "^7.0.8", + "@rails/ujs": "^7.1.3", "babel-loader": "^9.1.3", "compression-webpack-plugin": "^10.0.0", "expose-loader": "^4.1.0", diff --git a/spec/models/generic_journey_spec.rb b/spec/models/generic_journey_spec.rb index e93836afb0..41af44a7e3 100644 --- a/spec/models/generic_journey_spec.rb +++ b/spec/models/generic_journey_spec.rb @@ -5,7 +5,7 @@ described_class.new(first_step_class, framework, slug, params, paths) end - let(:params) { ActionController::Parameters.new } + let(:params) { ActionController::Parameters.new.permit } let(:paths) { instance_double(JourneyPaths) } let(:framework) { 'RM1234' } @@ -362,18 +362,18 @@ def next_step_class before { allow(journey.current_step).to receive(:final?).and_return(false) } it 'includes previous questions and answers' do - expect(journey.previous_questions_and_answers).to include('first_question' => 'first-answer') + expect(journey.previous_questions_and_answers.to_unsafe_h).to include('first_question' => 'first-answer') end it 'does not include current questions and answers' do - expect(journey.previous_questions_and_answers).not_to include('second_question' => 'second-answer') + expect(journey.previous_questions_and_answers.to_unsafe_h).not_to include('second_question' => 'second-answer') end context 'when it’s the final step' do before { allow(journey.current_step).to receive(:final?).and_return(true) } it 'includes all answers' do - expect(journey.previous_questions_and_answers).to include( + expect(journey.previous_questions_and_answers.to_unsafe_h).to include( 'first_question' => 'first-answer', 'second_question' => 'second-answer' ) diff --git a/spec/models/supply_teachers/rm6238/admin/current_data_spec.rb b/spec/models/supply_teachers/rm6238/admin/current_data_spec.rb index 9d016f3e0e..4462861dec 100644 --- a/spec/models/supply_teachers/rm6238/admin/current_data_spec.rb +++ b/spec/models/supply_teachers/rm6238/admin/current_data_spec.rb @@ -2,6 +2,10 @@ RSpec.describe SupplyTeachers::RM6238::Admin::CurrentData do describe '#validations' do + before { described_class.destroy_all } + + after { described_class.destroy_all } + context 'when no instances exist' do it 'validation fails' do expect(build(:supply_teachers_rm6238_admin_current_data)).to be_valid diff --git a/spec/rails_helper.rb b/spec/rails_helper.rb index 2047e91941..7d5cd8981e 100644 --- a/spec/rails_helper.rb +++ b/spec/rails_helper.rb @@ -43,7 +43,7 @@ config.extend ControllerMacros, type: :controller config.extend APIRequestStubs, type: :calculator # Remove this line if you're not using ActiveRecord or ActiveRecord fixtures - config.fixture_path = Rails.root.join('spec', 'fixtures') + config.fixture_paths = [Rails.root.join('spec', 'fixtures')] # If you're not using ActiveRecord, or you'd prefer not to run each of your # examples within a transaction, remove the following line or assign false diff --git a/yarn.lock b/yarn.lock index 8da6128904..27a4cde2b1 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1183,10 +1183,10 @@ "@nodelib/fs.scandir" "2.1.5" fastq "^1.6.0" -"@rails/ujs@^7.0.8": - version "7.0.8" - resolved "https://registry.yarnpkg.com/@rails/ujs/-/ujs-7.0.8.tgz#59853367d0827b3955d2c4bedfd5eba4a79d3422" - integrity sha512-tOQQBVH8LsUpGXqDnk+kaOGVsgZ8maHAhEiw3Git3p88q+c0Slgu47HuDnL6sVxeCfz24zbq7dOjsVYDiTpDIA== +"@rails/ujs@^7.1.3": + version "7.1.3" + resolved "https://registry.yarnpkg.com/@rails/ujs/-/ujs-7.1.3.tgz#6d94a68b7da5046147d31716e0c187a4ead4fb93" + integrity sha512-FxtgKNvvIonoBE1TK7U10VMf6CYvzq8SIZ1XZ1Q8zcn/BEXzPzid3zC9qFiojuI5WXVwWhO8GFqApq0stD+OqQ== "@types/body-parser@*": version "1.19.2"