From bf5fb3c188daa4ff608d0ec06c22c2090e0b65c6 Mon Sep 17 00:00:00 2001 From: Jonathan Rochkind Date: Wed, 8 Nov 2023 15:19:28 -0500 Subject: [PATCH 01/20] Rails 7.1 requires explicit require of active_job/log_subscriber for some reason --- config/initializers/activejob_retry_logging.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/config/initializers/activejob_retry_logging.rb b/config/initializers/activejob_retry_logging.rb index cc61df345..5c8ab629e 100644 --- a/config/initializers/activejob_retry_logging.rb +++ b/config/initializers/activejob_retry_logging.rb @@ -1,3 +1,5 @@ +require 'active_job/log_subscriber' + # ActiveJob default logging around retry events is missing a lot of info that IS # included in other events, including "tags" (Rails tagged logging) for ActiveJob and job-id. # From 7a16a17aff18c6cd0030832d7d6c94b87ab735c6 Mon Sep 17 00:00:00 2001 From: Jonathan Rochkind Date: Wed, 8 Nov 2023 15:30:11 -0500 Subject: [PATCH 02/20] Rails 7.1, plus updates to blacklight, qa, and browse_everything necessary for Rails 7.1 --- Gemfile | 12 ++- Gemfile.lock | 263 +++++++++++++++++++++++++++------------------------ 2 files changed, 145 insertions(+), 130 deletions(-) diff --git a/Gemfile b/Gemfile index 66f1fc47f..d2c9ac249 100644 --- a/Gemfile +++ b/Gemfile @@ -9,7 +9,11 @@ ruby "~> #{File.read(File.join(__dir__ , '.ruby-version')).chomp.split('.').slic gem 'lockbox' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem 'rails', '~> 7.0.0' +gem 'rails', '~> 7.1.0' + +# While rails 7.1 supports rack 3, we're not ready to take that jump yet, +# too many other things not compat but don't know it. +gem "rack", "~> 2.0" # Our JS/CSS/asset bundler # After updating, you always need to run `bundle exec vite upgrade` to update JS packages to match 
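Review bot: The new `gem "rack", "~> 2.0"` pin keeps rack on 2.x but does not stop Bundler from satisfying Rails 7.1 by moving other gems backwards, and the Gemfile.lock changes in this same commit show that happening. `db-query-matchers` goes from 0.11.0 to 0.8.0 (0.11.0 declares `activesupport (>= 4.0, < 7.1)`), and the `rspec` meta-gem drops out of the lock. A silent downgrade can bring back bugs that were fixed upstream, so a gem that moved backwards deserves an explicit floor that makes resolution fail loudly, e.g. `gem "db-query-matchers", ">= 0.11"` once a 7.1-compatible release exists (its Gemfile line is not in this hunk, so its current constraint is an assumption). It is worth scanning the lock diff for any other version that decreased before merging.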
@@ -43,7 +47,7 @@ gem 'scout_apm' # NOTE ALSO: We are using `blacklight-frontend` JS NPM package, updating blacklight # version may require an update with yarn to `blacklight-frontend`, has to be # checked manually. -gem "blacklight", "~> 7.34.0" +gem "blacklight", "~> 7.35.0" gem "blacklight_range_limit", "~> 8.4.0" # version no longer sync'd with blacklight, not sure how we tell what version works with what version of BL # for some code to deal with transcoding video, via AWS MediaConvert @@ -117,8 +121,8 @@ gem "traject", ">= 3.5" # to include support for HTTP basic auth in Solr url gem 'simple_form', "~> 5.0" -gem "browse-everything", "~> 1.2" -gem "qa", "~> 5.2", ">= 5.2.10" +gem "browse-everything", "~> 1.3" +gem "qa", "~> 5.2", ">= 5.11.0" gem "shrine", "~> 3.3" #, path: "../shrine" # shrine-compat endpoint to get uppy to direct upload to S3 with resumable multi-part upload gem "uppy-s3_multipart" diff --git a/Gemfile.lock b/Gemfile.lock index af17fc691..2b4a3b0b8 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -3,98 +3,106 @@ GEM specs: Ascii85 (1.1.0) access-granted (1.3.3) - actioncable (7.0.8) - actionpack (= 7.0.8) - activesupport (= 7.0.8) + actioncable (7.1.1) + actionpack (= 7.1.1) + activesupport (= 7.1.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (7.0.8) - actionpack (= 7.0.8) - activejob (= 7.0.8) - activerecord (= 7.0.8) - activestorage (= 7.0.8) - activesupport (= 7.0.8) + zeitwerk (~> 2.6) + actionmailbox (7.1.1) + actionpack (= 7.1.1) + activejob (= 7.1.1) + activerecord (= 7.1.1) + activestorage (= 7.1.1) + activesupport (= 7.1.1) mail (>= 2.7.1) net-imap net-pop net-smtp - actionmailer (7.0.8) - actionpack (= 7.0.8) - actionview (= 7.0.8) - activejob (= 7.0.8) - activesupport (= 7.0.8) + actionmailer (7.1.1) + actionpack (= 7.1.1) + actionview (= 7.1.1) + activejob (= 7.1.1) + activesupport (= 7.1.1) mail (~> 2.5, >= 2.5.4) net-imap net-pop net-smtp - rails-dom-testing (~> 2.0) - actionpack (7.0.8) - actionview (= 7.0.8) - activesupport (= 7.0.8) - rack (~> 2.0, >= 2.2.4) + rails-dom-testing (~> 2.2) + actionpack (7.1.1) + actionview (= 7.1.1) + activesupport (= 7.1.1) + nokogiri (>= 1.8.5) + rack (>= 2.2.4) + rack-session (>= 1.0.1) rack-test (>= 0.6.3) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (7.0.8) - actionpack (= 7.0.8) - activerecord (= 7.0.8) - activestorage (= 7.0.8) - activesupport (= 7.0.8) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + actiontext (7.1.1) + actionpack (= 7.1.1) + activerecord (= 7.1.1) + activestorage (= 7.1.1) + activesupport (= 7.1.1) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.0.8) - activesupport (= 7.0.8) + actionview (7.1.1) + activesupport (= 7.1.1) builder (~> 3.1) - erubi (~> 1.4) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.1, >= 1.2.0) + erubi (~> 1.11) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) active_encode (1.2.1) addressable (~> 2.8) rails - activejob (7.0.8) - activesupport (= 7.0.8) + 
activejob (7.1.1) + activesupport (= 7.1.1) globalid (>= 0.3.6) - activemodel (7.0.8) - activesupport (= 7.0.8) - activerecord (7.0.8) - activemodel (= 7.0.8) - activesupport (= 7.0.8) + activemodel (7.1.1) + activesupport (= 7.1.1) + activerecord (7.1.1) + activemodel (= 7.1.1) + activesupport (= 7.1.1) + timeout (>= 0.4.0) activerecord-import (1.5.0) activerecord (>= 4.2) activerecord-postgres_enum (2.0.1) activerecord (>= 5.2) pg - activestorage (7.0.8) - actionpack (= 7.0.8) - activejob (= 7.0.8) - activerecord (= 7.0.8) - activesupport (= 7.0.8) + activestorage (7.1.1) + actionpack (= 7.1.1) + activejob (= 7.1.1) + activerecord (= 7.1.1) + activesupport (= 7.1.1) marcel (~> 1.0) - mini_mime (>= 1.1.0) - activesupport (7.0.8) + activesupport (7.1.1) + base64 + bigdecimal concurrent-ruby (~> 1.0, >= 1.0.2) + connection_pool (>= 2.2.5) + drb i18n (>= 1.6, < 2) minitest (>= 5.1) + mutex_m tzinfo (~> 2.0) addressable (2.8.5) public_suffix (>= 2.0.2, < 6.0) afm (0.2.2) - alba (2.4.1) + alba (2.4.2) ansi (1.5.0) ast (2.4.2) - attr_json (2.1.0) - activerecord (>= 6.0.0, < 7.1) + attr_json (2.2.0) + activerecord (>= 6.0.0, < 7.2) autoprefixer-rails (10.4.15.0) execjs (~> 2) aws-eventstream (1.2.0) - aws-partitions (1.832.0) + aws-partitions (1.848.0) aws-sdk-cloudwatchevents (1.67.0) aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) aws-sdk-cloudwatchlogs (1.71.0) aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-core (3.185.0) + aws-sdk-core (3.186.0) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.5) @@ -109,7 +117,7 @@ GEM aws-sdk-core (~> 3, >= 3.181.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.6) - aws-sigv4 (1.6.0) + aws-sigv4 (1.6.1) aws-eventstream (~> 1, >= 1.0.2) axe-core-api (4.8.0) dumb_delegator 
@@ -122,11 +130,12 @@ GEM descendants_tracker (~> 0.0.4) ice_nine (~> 0.11.0) thread_safe (~> 0.3, >= 0.3.1) - base64 (0.1.1) + base64 (0.2.0) bcp47_spec (0.2.1) bcrypt (3.1.19) + bigdecimal (3.1.4) bindex (0.8.1) - blacklight (7.34.0) + blacklight (7.35.0) deprecation globalid hashdiff @@ -134,13 +143,13 @@ GEM jbuilder (~> 2.7) kaminari (>= 0.15) ostruct (>= 0.3.2) - rails (>= 5.1, < 7.1) + rails (>= 5.1, < 7.2) view_component (>= 2.66, < 4) blacklight_range_limit (8.4.0) blacklight (>= 7.25.2, < 9) deprecation view_component (>= 2.54, < 4) - bootsnap (1.16.0) + bootsnap (1.17.0) msgpack (~> 1.2) bootstrap (4.6.2) autoprefixer-rails (>= 9.1.0) @@ -149,13 +158,13 @@ GEM bootstrap4-kaminari-views (1.0.1) kaminari (>= 0.13) rails (>= 3.1) - browse-everything (1.2.0) + browse-everything (1.3.0) addressable (~> 2.5) aws-sdk-s3 dropbox_api (>= 0.1.20) google-apis-drive_v3 googleauth (>= 0.6.6, < 2.0) - rails (>= 4.2, < 7.1) + rails (>= 4.2, < 7.2) ruby-box signet (~> 0.8) typhoeus @@ -202,17 +211,15 @@ GEM activerecord (>= 5.a) database_cleaner-core (~> 2.0.0) database_cleaner-core (2.0.1) - date (3.3.3) - db-query-matchers (0.11.0) - activesupport (>= 4.0, < 7.1) - rspec (>= 3.0) + date (3.3.4) + db-query-matchers (0.8.0) declarative (0.0.20) deprecation (1.1.0) activesupport descendants_tracker (0.0.4) thread_safe (~> 0.3, >= 0.3.1) device_detector (1.1.1) - devise (4.9.2) + devise (4.9.3) bcrypt (~> 3.0) orm_adapter (~> 0.1) railties (>= 4.1.0) @@ -225,6 +232,8 @@ GEM bundler (>= 2.2.33) down (5.4.1) addressable (~> 2.8) + drb (2.2.0) + ruby2_keywords dropbox_api (0.1.21) faraday (< 3.0) oauth2 (~> 1.1) @@ -262,7 +271,7 @@ GEM geocoder (1.8.2) globalid (1.2.1) activesupport (>= 6.1) - google-apis-core (0.11.1) + google-apis-core (0.11.2) addressable (~> 2.5, >= 2.5.1) googleauth (>= 0.16.2, < 2.a) httpclient (>= 2.8.1, < 3.a) 
@@ -283,7 +292,7 @@ GEM hashery (2.1.2) hashie (5.0.0) hirefire-resource (0.10.1) - honeybadger (5.2.1) + honeybadger (5.3.0) html_aware_truncation (1.0.0) nokogiri (~> 1.0) http (5.1.1) @@ -299,7 +308,7 @@ GEM concurrent-ruby (~> 1.0) ice_nine (0.11.2) io-console (0.6.0) - irb (1.8.1) + irb (1.8.3) rdoc reline (>= 0.3.8) jbuilder (2.11.5) @@ -320,14 +329,14 @@ GEM activerecord kaminari-core (= 1.2.2) kaminari-core (1.2.2) - kithe (2.11.0) - attr_json (< 3.0.0) + kithe (2.12.0) + attr_json (~> 2.0) fastimage (~> 2.0) fx (>= 0.6.0, < 1) marcel mini_mime pdf-reader (~> 2.0) - rails (>= 5.2.1, < 7.1) + rails (>= 6.0, < 7.2) rsolr (~> 2.2) ruby-progressbar (~> 1.0) shrine (~> 3.3) @@ -350,12 +359,12 @@ GEM ffi-compiler (~> 1.0) rake (~> 13.0) lockbox (1.3.0) - lograge (0.13.0) + lograge (0.14.0) actionpack (>= 4) activesupport (>= 4) railties (>= 4) request_store (~> 1.0) - loofah (2.21.3) + loofah (2.21.4) crass (~> 1.0.2) nokogiri (>= 1.12.0) mail (2.8.1) @@ -373,7 +382,6 @@ GEM matrix (0.4.2) method_source (1.0.0) mini_mime (1.1.5) - mini_portile2 (2.8.4) minitar (0.9) minitest (5.20.0) mono_logger (1.1.2) @@ -383,19 +391,19 @@ GEM multipart-post (2.3.0) mustermann (3.0.0) ruby2_keywords (~> 0.0.1) + mutex_m (0.2.0) namae (1.1.1) - net-imap (0.4.0) + net-imap (0.4.4) date net-protocol net-pop (0.1.2) net-protocol - net-protocol (0.2.1) + net-protocol (0.2.2) timeout net-smtp (0.4.0) net-protocol nio4r (2.5.9) - nokogiri (1.15.4) - mini_portile2 (~> 2.8.2) + nokogiri (1.15.4-arm64-darwin) racc (~> 1.4) oai (1.2.1) builder (>= 3.1.0) @@ -412,7 +420,7 @@ GEM ruby-ll (~> 2.1) orm_adapter (0.5.0) os (1.1.4) - ostruct (0.5.5) + ostruct (0.6.0) parser (3.2.2.4) ast (~> 2.4.1) racc 
@@ -444,21 +452,21 @@ GEM pry-byebug (3.10.1) byebug (~> 11.0) pry (>= 0.13, < 0.15) - psych (5.1.0) + psych (5.1.1.1) stringio public_suffix (5.0.3) puma (6.4.0) nio4r (~> 2.0) - qa (5.10.0) + qa (5.11.0) activerecord-import deprecation faraday (< 3.0, != 2.0.0) geocoder ldpath nokogiri (~> 1.6) - rails (>= 5.0, < 7.1) + rails (>= 5.0, < 7.2) rdf - racc (1.7.1) + racc (1.7.3) rack (2.2.8) rack-attack (6.7.0) rack (>= 1.0, < 4) @@ -466,22 +474,27 @@ GEM rack (~> 2.2, >= 2.2.4) rack-proxy (0.7.7) rack + rack-session (1.0.1) + rack (< 3) rack-test (2.1.0) rack (>= 1.3) - rails (7.0.8) - actioncable (= 7.0.8) - actionmailbox (= 7.0.8) - actionmailer (= 7.0.8) - actionpack (= 7.0.8) - actiontext (= 7.0.8) - actionview (= 7.0.8) - activejob (= 7.0.8) - activemodel (= 7.0.8) - activerecord (= 7.0.8) - activestorage (= 7.0.8) - activesupport (= 7.0.8) + rackup (1.0.0) + rack (< 3) + webrick + rails (7.1.1) + actioncable (= 7.1.1) + actionmailbox (= 7.1.1) + actionmailer (= 7.1.1) + actionpack (= 7.1.1) + actiontext (= 7.1.1) + actionview (= 7.1.1) + activejob (= 7.1.1) + activemodel (= 7.1.1) + activerecord (= 7.1.1) + activestorage (= 7.1.1) + activesupport (= 7.1.1) bundler (>= 1.15.0) - railties (= 7.0.8) + railties (= 7.1.1) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) @@ -493,15 +506,16 @@ GEM rails-html-sanitizer (1.6.0) loofah (~> 2.21) nokogiri (~> 1.14) - railties (7.0.8) - actionpack (= 7.0.8) - activesupport (= 7.0.8) - method_source + railties (7.1.1) + actionpack (= 7.1.1) + activesupport (= 7.1.1) + irb + rackup (>= 1.0.0) rake (>= 12.2) - thor (~> 1.0) - zeitwerk (~> 2.5) - rake (13.0.6) - ransack (4.0.0) + thor (~> 1.0, >= 1.2.2) + zeitwerk (~> 2.6) + rake (13.1.0) + ransack (4.1.1) activerecord (>= 6.1.5) activesupport (>= 6.1.5) i18n 
@@ -513,16 +527,16 @@ GEM link_header (~> 0.0, >= 0.0.8) rdf-vocab (3.3.0) rdf (~> 3.3) - rdoc (6.5.0) + rdoc (6.6.0) psych (>= 4.0.0) - redis (5.0.7) - redis-client (>= 0.9.0) - redis-client (0.17.0) + redis (5.0.8) + redis-client (>= 0.17.0) + redis-client (0.18.0) connection_pool redis-namespace (1.11.0) redis (>= 4) - regexp_parser (2.8.1) - reline (0.3.9) + regexp_parser (2.8.2) + reline (0.4.0) io-console (~> 0.5) representable (3.2.0) declarative (< 0.1.0) @@ -530,7 +544,7 @@ GEM uber (< 0.2.0) request_store (1.5.1) rack (>= 1.4) - responders (3.1.0) + responders (3.1.1) actionpack (>= 5.2) railties (>= 5.2) resque (2.6.0) @@ -546,15 +560,11 @@ GEM retriable (3.1.2) rexml (3.2.6) rinku (2.0.6) - roda (3.72.0) + roda (3.73.0) rack rsolr (2.5.0) builder (>= 2.1.2) faraday (>= 0.9, < 3, != 2.0.0) - rspec (3.12.0) - rspec-core (~> 3.12.0) - rspec-expectations (~> 3.12.0) - rspec-mocks (~> 3.12.0) rspec-core (3.12.2) rspec-support (~> 3.12.0) rspec-expectations (3.12.3) @@ -596,7 +606,7 @@ GEM scout_apm (5.3.5) parser scrub_rb (1.0.1) - selenium-webdriver (4.13.1) + selenium-webdriver (4.15.0) rexml (~> 3.2, >= 3.2.5) rubyzip (>= 1.2.2, < 3.0) websocket (~> 1.0) @@ -612,7 +622,7 @@ GEM faraday (>= 0.17.5, < 3.a) jwt (>= 1.5, < 3.0) multi_json (~> 1.10) - simple_form (5.2.0) + simple_form (5.3.0) actionpack (>= 5.2) activemodel (>= 5.2) sinatra (3.1.0) @@ -635,13 +645,13 @@ GEM actionpack (>= 5.2) activesupport (>= 5.2) sprockets (>= 3.0.0) - stringio (3.0.8) - terser (1.1.18) + stringio (3.0.9) + terser (1.1.19) execjs (>= 0.3.0, < 3) - thor (1.2.2) + thor (1.3.0) thread_safe (0.3.6) tilt (2.3.0) - timeout (0.4.0) + timeout (0.4.1) trailblazer-option (0.1.2) traject (3.8.1) concurrent-ruby (>= 0.8.0) @@ -670,7 +680,7 @@ GEM aws-sdk-s3 (~> 1.0) content_disposition (~> 1.0) roda (>= 2.27, < 4) - view_component (3.6.0) + view_component (3.7.0) activesupport (>= 5.2.0, < 8.0) concurrent-ruby (~> 1.0) method_source (~> 1.0) 
@@ -678,7 +688,7 @@ GEM axiom-types (~> 0.1) coercible (~> 1.0) descendants_tracker (~> 0.0, >= 0.0.3) - vite_rails (3.0.16) + vite_rails (3.0.17) railties (>= 5.1, < 8) vite_ruby (~> 3.0, >= 3.2.2) vite_ruby (3.3.4) @@ -708,7 +718,7 @@ GEM zeitwerk (2.6.12) PLATFORMS - ruby + arm64-darwin-21 DEPENDENCIES access-granted (~> 1.0) @@ -721,12 +731,12 @@ DEPENDENCIES aws-sdk-mediaconvert (~> 1.0) aws-sdk-s3 (~> 1.0) axe-core-rspec (~> 4.3) - blacklight (~> 7.34.0) + blacklight (~> 7.35.0) blacklight_range_limit (~> 8.4.0) bootsnap (>= 1.4.4) bootstrap (~> 4.6, >= 4.6.2) bootstrap4-kaminari-views - browse-everything (~> 1.2) + browse-everything (~> 1.3) browser (~> 5.0) capybara (>= 2.15) capybara-screenshot @@ -764,9 +774,10 @@ DEPENDENCIES prawn-svg (< 2) pry-byebug puma (~> 6.3) - qa (~> 5.2, >= 5.2.10) + qa (~> 5.2, >= 5.11.0) + rack (~> 2.0) rack-attack (~> 6.6) - rails (~> 7.0.0) + rails (~> 7.1.0) rails-controller-testing ransack (~> 4.0) reline (>= 0.2.1) From 9fa91734e7f5ec82d339d9ca674847953f0831d1 Mon Sep 17 00:00:00 2001 From: Jonathan Rochkind Date: Wed, 8 Nov 2023 15:35:10 -0500 Subject: [PATCH 03/20] move restricted derivatives to factory and stop using #dup on ActiveRecord In Rails 7.1 it was creating problems with dup'ing the friendlier_id, I think because Rails 7.1 is better at actually retrieving the database-set friendlier_id This was a messy way to do it anyway, dup'ing ActiveRecord objects is kind of asking for trouble. Factories are the right way to DRY a model in a particular state for test, that's what they're for. --- spec/factories/asset_factory.rb | 17 +++++++++++++++ ...et_derivative_storage_type_auditor_spec.rb | 21 +++---------------- 2 files changed, 20 insertions(+), 18 deletions(-) diff --git a/spec/factories/asset_factory.rb b/spec/factories/asset_factory.rb index 4adf353c3..bd41110e2 100644 --- a/spec/factories/asset_factory.rb +++ b/spec/factories/asset_factory.rb 
@@ -102,6 +102,23 @@ faked_derivatives { nil } end + trait :restricted_derivatives do + published { false } + derivative_storage_type { "restricted" } + faked_derivatives { + { + "thumb_small" => create(:stored_uploaded_file, + file: File.open(Rails.root + "spec/test_support/images/20x20.png"), + storage: "restricted_kithe_derivatives", + content_type: "image/png"), + "thumb_large" => create(:stored_uploaded_file, + file: File.open(Rails.root + "spec/test_support/images/20x20.png"), + storage: "restricted_kithe_derivatives", + content_type: "image/png"), + } + } + end + trait :pdf do faked_file { File.open((Rails.root + "spec/test_support/pdf/sample.pdf")) } faked_content_type { "application/pdf" } diff --git a/spec/services/asset_derivative_storage_type_auditor_spec.rb b/spec/services/asset_derivative_storage_type_auditor_spec.rb index 49bd3e949..dc542989a 100644 --- a/spec/services/asset_derivative_storage_type_auditor_spec.rb +++ b/spec/services/asset_derivative_storage_type_auditor_spec.rb @@ -19,22 +19,7 @@ ) end - let!(:restricted_derivative_asset) do - create(:asset_with_faked_file, - published: false, - derivative_storage_type: "restricted", - faked_derivatives: { - "thumb_small" => create(:stored_uploaded_file, - file: File.open(sample_file_location), - storage: "restricted_kithe_derivatives", - content_type: "image/png"), - "thumb_large" => create(:stored_uploaded_file, - file: File.open(sample_file_location), - storage: "restricted_kithe_derivatives", - content_type: "image/png"), - } - ) - end + let!(:restricted_derivative_asset) { create(:asset_with_faked_file, :restricted_derivatives) } let(:auditor) { AssetDerivativeStorageTypeAuditor.new } 
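Review bot: Both `File.open(Rails.root + "spec/test_support/images/20x20.png")` calls in the new `:restricted_derivatives` trait leave their handle open. The fixture path is also written out twice, where the spec used `sample_file_location`. If `create(:stored_uploaded_file, ...)` reads the file eagerly (not visible here, so an assumption), the block form closes it deterministically: `File.open(path) { |f| create(:stored_uploaded_file, file: f, storage: "restricted_kithe_derivatives", content_type: "image/png") }`. The trait sits inside a factory definition that starts outside this hunk.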
@@ -63,12 +48,12 @@ describe "with failures" do let!(:published_with_restricted_derivatives) do - restricted_derivative_asset.dup.tap { |a| a.update(published: true) } + create(:asset_with_faked_file, :restricted_derivatives).tap { |a| a.update(published: true) } end let!(:mismatched_storage_locations) do # update in DB without triggering rails callback, so we can force inconsistency - a = restricted_derivative_asset.dup + a = create(:asset_with_faked_file, :restricted_derivatives) a.save! a.update_column("json_attributes", a.json_attributes.merge("derivative_storage_type" => "public")) a From f2fb9d69acd3411523a4f601b270d59acabce0fc Mon Sep 17 00:00:00 2001 From: Jonathan Rochkind Date: Wed, 8 Nov 2023 16:58:56 -0500 Subject: [PATCH 04/20] fix param check for Rails 7.1 where inner hash is also an ActionController::Parameters instead of Hash --- app/controllers/catalog_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/catalog_controller.rb b/app/controllers/catalog_controller.rb index b03db1f1d..9f0238385 100644 --- a/app/controllers/catalog_controller.rb +++ b/app/controllers/catalog_controller.rb @@ -612,7 +612,7 @@ def catch_bad_format_param # Future versions of Blacklight may accomodate these malformed URLs through an alternate # strategy and not need this redirect: https://github.com/projectblacklight/blacklight/pull/2313 def redirect_hash_facet_params - if params[:f].respond_to?(:transform_values) && params[:f].values.any? { |x| x.is_a?(Hash) } + if params[:f].respond_to?(:transform_values) && params[:f].values.any? { |x| x.respond_to?(:transform_values) } original_f_params = params[:f].to_unsafe_h corrected_params = {} From 56024fcdf8277cd323ea6dbbe19e16c1a140b8ee Mon Sep 17 00:00:00 2001 From: Jonathan Rochkind Date: Thu, 9 Nov 2023 12:34:51 -0500 Subject: [PATCH 05/20] more comments on rack 2.x lock --- Gemfile | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) 
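Review bot: In `published_with_restricted_derivatives` the setup calls `a.update(published: true)`, which returns false instead of raising when the record does not save. The "with failures" examples could then run against an asset that is still unpublished, and would be checking the wrong state. `a.update!(published: true)` makes a rejected update fail the setup loudly. In `mismatched_storage_locations` the `a.save!` after `create(...)` is now redundant, since `create` already persists the record; it was only needed for the `dup`'d copy.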
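Review bot: `x.respond_to?(:transform_values)` stands in for "is a nested hash-like value", which is looser than the `is_a?(Hash)` it replaces and does not say why. Naming the types keeps the guard narrow and readable: `params[:f].values.any? { |x| x.is_a?(ActionController::Parameters) || x.is_a?(Hash) }`. The branch goes on to call `params[:f].to_unsafe_h` on request-supplied facet values and, going by the method name, builds a redirect from them. A request spec for the Rails 7.1 shape (an inner `ActionController::Parameters`) would pin this behaviour. The rest of `redirect_hash_facet_params` is outside the hunk.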
diff --git a/Gemfile b/Gemfile index d2c9ac249..e54e77655 100644 --- a/Gemfile +++ b/Gemfile @@ -11,8 +11,10 @@ gem 'lockbox' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' gem 'rails', '~> 7.1.0' -# While rails 7.1 supports rack 3, we're not ready to take that jump yet, -# too many other things not compat but don't know it. +# While rails 7.1 supports rack 3, other things we're using actually don't yet, +# but bundler can incorrectly resolve to REALLY OLD verisons of dependencies +# if we don't tell it, actually, we're not ready for rack 3. See: +# https://bibwild.wordpress.com/2023/11/09/beware-sinatra-rails-7-1-rack-3-resque-bundler-dependency-resolution/ gem "rack", "~> 2.0" # Our JS/CSS/asset bundler From c5c0ece2a3f3b21da79dafddb4c8047d65ca1930 Mon Sep 17 00:00:00 2001 From: Jonathan Rochkind Date: Thu, 9 Nov 2023 14:34:53 -0500 Subject: [PATCH 06/20] Add linux platform to Gemfile.lock Not sure why it only just now started complaining asking us to do this? We got an error when running on linux, which told us to: bundle lock --add-platform x86_64-linux So we did so --- Gemfile.lock | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Gemfile.lock b/Gemfile.lock index 2b4a3b0b8..f17f683a0 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -405,6 +405,8 @@ GEM nio4r (2.5.9) nokogiri (1.15.4-arm64-darwin) racc (~> 1.4) + nokogiri (1.15.4-x86_64-linux) + racc (~> 1.4) oai (1.2.1) builder (>= 3.1.0) faraday (< 3) @@ -719,6 +721,7 @@ GEM PLATFORMS arm64-darwin-21 + x86_64-linux DEPENDENCIES access-granted (~> 1.0) From b70bd065bec9e3ee35b80b08e1d60a191dad2b80 Mon Sep 17 00:00:00 2001 From: Jonathan Rochkind Date: Mon, 13 Nov 2023 10:48:47 -0500 Subject: [PATCH 07/20] update Rails 7.1.1=>7.1.2 With 'bundle update rails' --- Gemfile.lock | 109 ++++++++++++++++++++++++++------------------------- 1 file changed, 55 insertions(+), 54 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index f17f683a0..51b881fc1 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -3,50 +3,51 @@ GEM specs: Ascii85 (1.1.0) access-granted (1.3.3) - actioncable (7.1.1) - actionpack (= 7.1.1) - activesupport (= 7.1.1) + actioncable (7.1.2) + actionpack (= 7.1.2) + activesupport (= 7.1.2) nio4r (~> 2.0) websocket-driver (>= 0.6.1) zeitwerk (~> 2.6) - actionmailbox (7.1.1) - actionpack (= 7.1.1) - activejob (= 7.1.1) - activerecord (= 7.1.1) - activestorage (= 7.1.1) - activesupport (= 7.1.1) + actionmailbox (7.1.2) + actionpack (= 7.1.2) + activejob (= 7.1.2) + activerecord (= 7.1.2) + activestorage (= 7.1.2) + activesupport (= 7.1.2) mail (>= 2.7.1) net-imap net-pop net-smtp - actionmailer (7.1.1) - actionpack (= 7.1.1) - actionview (= 7.1.1) - activejob (= 7.1.1) - activesupport (= 7.1.1) + actionmailer (7.1.2) + actionpack (= 7.1.2) + actionview (= 7.1.2) + activejob (= 7.1.2) + activesupport (= 7.1.2) mail (~> 2.5, >= 2.5.4) net-imap net-pop net-smtp rails-dom-testing (~> 2.2) - actionpack (7.1.1) - actionview (= 7.1.1) - activesupport (= 7.1.1) + actionpack (7.1.2) + actionview (= 7.1.2) + activesupport (= 7.1.2) nokogiri (>= 1.8.5) + racc rack (>= 2.2.4) rack-session (>= 1.0.1) rack-test (>= 0.6.3) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) - actiontext (7.1.1) - actionpack (= 7.1.1) - activerecord (= 7.1.1) - activestorage (= 7.1.1) - activesupport (= 7.1.1) + actiontext (7.1.2) + actionpack (= 7.1.2) + activerecord (= 7.1.2) + activestorage (= 7.1.2) + activesupport (= 7.1.2) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.1.1) - activesupport (= 7.1.1) + actionview (7.1.2) + activesupport (= 7.1.2) builder (~> 3.1) erubi (~> 1.11) rails-dom-testing (~> 2.2) 
@@ -54,27 +55,27 @@ GEM active_encode (1.2.1) addressable (~> 2.8) rails - activejob (7.1.1) - activesupport (= 7.1.1) + activejob (7.1.2) + activesupport (= 7.1.2) globalid (>= 0.3.6) - activemodel (7.1.1) - activesupport (= 7.1.1) - activerecord (7.1.1) - activemodel (= 7.1.1) - activesupport (= 7.1.1) + activemodel (7.1.2) + activesupport (= 7.1.2) + activerecord (7.1.2) + activemodel (= 7.1.2) + activesupport (= 7.1.2) timeout (>= 0.4.0) activerecord-import (1.5.0) activerecord (>= 4.2) activerecord-postgres_enum (2.0.1) activerecord (>= 5.2) pg - activestorage (7.1.1) - actionpack (= 7.1.1) - activejob (= 7.1.1) - activerecord (= 7.1.1) - activesupport (= 7.1.1) + activestorage (7.1.2) + actionpack (= 7.1.2) + activejob (= 7.1.2) + activerecord (= 7.1.2) + activesupport (= 7.1.2) marcel (~> 1.0) - activesupport (7.1.1) + activesupport (7.1.2) base64 bigdecimal concurrent-ruby (~> 1.0, >= 1.0.2) @@ -308,7 +309,7 @@ GEM concurrent-ruby (~> 1.0) ice_nine (0.11.2) io-console (0.6.0) - irb (1.8.3) + irb (1.9.0) rdoc reline (>= 0.3.8) jbuilder (2.11.5) @@ -483,20 +484,20 @@ GEM rackup (1.0.0) rack (< 3) webrick - rails (7.1.1) - actioncable (= 7.1.1) - actionmailbox (= 7.1.1) - actionmailer (= 7.1.1) - actionpack (= 7.1.1) - actiontext (= 7.1.1) - actionview (= 7.1.1) - activejob (= 7.1.1) - activemodel (= 7.1.1) - activerecord (= 7.1.1) - activestorage (= 7.1.1) - activesupport (= 7.1.1) + rails (7.1.2) + actioncable (= 7.1.2) + actionmailbox (= 7.1.2) + actionmailer (= 7.1.2) + actionpack (= 7.1.2) + actiontext (= 7.1.2) + actionview (= 7.1.2) + activejob (= 7.1.2) + activemodel (= 7.1.2) + activerecord (= 7.1.2) + activestorage (= 7.1.2) + activesupport (= 7.1.2) bundler (>= 1.15.0) - railties (= 7.1.1) + railties (= 7.1.2) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) 
@@ -508,9 +509,9 @@ GEM rails-html-sanitizer (1.6.0) loofah (~> 2.21) nokogiri (~> 1.14) - railties (7.1.1) - actionpack (= 7.1.1) - activesupport (= 7.1.1) + railties (7.1.2) + actionpack (= 7.1.2) + activesupport (= 7.1.2) irb rackup (>= 1.0.0) rake (>= 12.2) From 977a4466968d278e070c7b41b457520f9aace06b Mon Sep 17 00:00:00 2001 From: Jonathan Rochkind Date: Thu, 9 Nov 2023 15:07:13 -0500 Subject: [PATCH 08/20] Update config files to be closer to what would be generated by Rails 7.1 Used https://railsdiff.org/7.0.8/7.1.1 to identify, very helpful --- bin/setup | 2 +- config/environments/development.rb | 8 +++++++- config/environments/production.rb | 11 ++++++----- config/environments/test.rb | 17 +++++++++++------ 4 files changed, 25 insertions(+), 13 deletions(-) diff --git a/bin/setup b/bin/setup index 90700ac4f..5d9622151 100755 --- a/bin/setup +++ b/bin/setup @@ -5,7 +5,7 @@ require "fileutils" APP_ROOT = File.expand_path('..', __dir__) def system!(*args) - system(*args) || abort("\n== Command #{args} failed ==") + system(*args, exception: true) end FileUtils.chdir APP_ROOT do diff --git a/config/environments/development.rb b/config/environments/development.rb index ec6ac10ce..c2d34df3e 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -6,7 +6,7 @@ # In the development environment your application's code is reloaded on # every request. This slows down response time but is perfect for development # since you don't have to restart the web server when you make code changes. - config.cache_classes = false + config.enable_reloading = true # Do not eager load code on boot. config.eager_load = false 
@@ -76,6 +76,9 @@ # Highlight code that triggered database queries in logs. config.active_record.verbose_query_logs = true + # Highlight code that enqueued background job in logs. + config.active_job.verbose_enqueue_logs = true + # Debug mode disables concatenation and preprocessing of assets. # This option may cause significant delays in view rendering with a large # number of complex assets. @@ -87,6 +90,9 @@ # Raises error for missing translations # config.i18n.raise_on_missing_translations = true + # Raise error when a before_action's only/except options reference missing actions + config.action_controller.raise_on_missing_callback_actions = true + # Annotate rendered view with file names. config.action_view.annotate_rendered_view_with_filenames = true diff --git a/config/environments/production.rb b/config/environments/production.rb index d25df7f0c..bc2c34086 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -4,7 +4,7 @@ # Settings specified here will take precedence over those in config/application.rb. # Code is not reloaded between requests. - config.cache_classes = true + config.enable_reloading = false # Eager load code on boot. This eager loads most of Rails and # your application in memory, allowing both threaded web servers @@ -193,10 +193,11 @@ # for our output. if ENV["RAILS_DISABLE_LOGGING"].present? config.logger = ActiveSupport::Logger.new("/dev/null") - elsif ENV["RAILS_LOG_TO_STDOUT"].present? - logger = ActiveSupport::Logger.new(STDOUT) - logger.formatter = config.log_formatter - config.logger = ActiveSupport::TaggedLogging.new(logger) + else + # Log to STDOUT by default + config.logger = ActiveSupport::Logger.new(STDOUT) + .tap { |logger| logger.formatter = ::Logger::Formatter.new } + .then { |logger| ActiveSupport::TaggedLogging.new(logger) } end diff --git a/config/environments/test.rb b/config/environments/test.rb index 1eb11bfef..7ba8399ad 100644 --- a/config/environments/test.rb 
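Review bot: The rewritten logger block in production.rb drops the `RAILS_LOG_TO_STDOUT` condition, so any production process started without that variable now logs to STDOUT rather than to whatever logger applied before. If a host or worker does not capture STDOUT, its request and audit logs are lost. The block also hard-codes `::Logger::Formatter.new` where the old code used `config.log_formatter`, so a formatter configured elsewhere in this file (not visible in the hunk) would no longer apply. Using `logger.formatter = config.log_formatter` inside the `tap` preserves that. A one-line comment stating that every deployment target collects STDOUT would document the assumption.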
+++ b/config/environments/test.rb @@ -7,12 +7,13 @@ # test suite. You never need to work with it otherwise. Remember that # your test database is "scratch space" for the test suite and is wiped # and recreated between test runs. Don't rely on the data there! - config.cache_classes = true + config.enable_reloading = false - # Do not eager load code on boot. This avoids loading your whole application - # just for the purpose of running a single test. If you are using a tool that - # preloads Rails for running tests, you may have to set it to true. - config.eager_load = false + # Eager loading loads your entire application. When running a single test locally, + # this is usually not necessary, and can slow down your test suite. However, it's + # recommended that you enable it in continuous integration systems to ensure eager + # loading is working properly before deploying your code. + config.eager_load = ENV["CI"].present? # Use :test ActiveJob adapter which does not really run jobs, as default. # We can change on an example-by-example basis if needed. @@ -30,7 +31,8 @@ config.cache_store = :null_store # Raise exceptions instead of rendering exception templates. - config.action_dispatch.show_exceptions = false + # :rescueable is default in Rails 7.1, but we need to fix our tests + config.action_dispatch.show_exceptions = :none # Disable request forgery protection in test environment. config.action_controller.allow_forgery_protection = false @@ -60,4 +62,7 @@ # Raises error for missing translations # config.action_view.raise_on_missing_translations = true + + # Raise error when a before_action's only/except options reference missing actions + config.action_controller.raise_on_missing_callback_actions = true end From f2c9c32f333071a5ed5b3aeca6fd3069a11dd7ed Mon Sep 17 00:00:00 2001 
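Review bot: The comment added above `config.action_dispatch.show_exceptions = :none` names the Rails 7.1 default as `:rescueable`, but the value Rails accepts is spelled `:rescuable`. Someone copying the comment into the setting once the tests are fixed would get the wrong symbol. Suggested wording: `# :rescuable is the default in Rails 7.1, but we need to fix our tests before switching from :none`.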
From: Jonathan Rochkind Date: Thu, 9 Nov 2023 15:12:50 -0500 Subject: [PATCH 09/20] update Rails defaults to 7.0; 7.1 is causing some test failures not sure why yet It was an oversight we were still on 6.1 and not 7.0 when we moved to Rails 7.0 --- config/application.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/application.rb b/config/application.rb index 9ca3c5ff6..47185c0ce 100644 --- a/config/application.rb +++ b/config/application.rb @@ -36,7 +36,7 @@ class Application < Rails::Application # Initialize configuration defaults for originally generated Rails version, # or Rails version we have upgraded to and verified for new defaults. - config.load_defaults 6.1 + config.load_defaults 7.0 config.time_zone = "US/Eastern" From 61f16a9f2bd66dfe0ad0c0f34b7d105c686715f0 Mon Sep 17 00:00:00 2001 From: Jonathan Rochkind Date: Thu, 9 Nov 2023 15:26:28 -0500 Subject: [PATCH 10/20] Tell devise where to get secret_key_base to avoid Rails 7.1 deprecation warning when it tries deprecated places. https://github.com/heartcombo/devise/issues/5644 --- config/initializers/devise.rb | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index 328302c03..18a43571c 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -3,6 +3,9 @@ # Use this hook to configure devise mailer, warden hooks and so forth. # Many of these configuration options can be set straight in your model. Devise.setup do |config| + + + # The secret key used by Devise. Devise uses this key to generate # random tokens. Changing this key will render invalid all existing # confirmation, reset password and unlock tokens in the database. 
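Review bot: Moving `config.load_defaults` from 6.1 straight to 7.0 switches several security-relevant defaults at once, and nothing in this hunk stages them. The 7.0 defaults change the key generator digest from SHA1 to SHA256, which makes existing signed and encrypted cookies unreadable unless a cookie rotator is configured. They also enable `raise_on_open_redirects`, which a later commit in this series works around in the downloads controller. If no rotator is set up elsewhere (not visible here), users will be signed out on deploy. That may be acceptable, but it should be a stated decision, e.g. `# 7.0 defaults: SHA256 key generator invalidates pre-upgrade cookies; accepted, no rotator`.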
@@ -10,6 +13,10 @@ # by default. You can change it below and use your own secret key. # config.secret_key = '5c21c4628df5c96817e6bffdf1d697d5ee4272bebde637b44f8139a18a476bcce540dc16447a6f78353756d7201671347289a949e2c1a4916bc98366bcc891e7' + # Tell devise where to get secret_key_base to avoid Rails 7.1 deprecation warning + # when it tries deprecated places. https://github.com/heartcombo/devise/issues/5644 + config.secret_key = Rails.application.secret_key_base + # ==> Controller configuration # Configure the parent class to the devise controllers. # config.parent_controller = 'DeviseController' From 9d0b2ad7adefbbfa18a639f9ce8261020b745378 Mon Sep 17 00:00:00 2001 From: Jonathan Rochkind Date: Thu, 9 Nov 2023 15:31:41 -0500 Subject: [PATCH 11/20] stop using deprecated secrets.yml to set secret_key_base from env That's all we were using secrets.yml from, we can just set the config from ENV directly, since we aren't putting key in source anyway. In fact, Rails would just pick it up from SECRET_KEY_BASE env even without this, by default? But for consistency with what we did before and clarity, we're going to move it over like this. --- config/environments/production.rb | 3 +++ config/secrets.yml | 4 ---- 2 files changed, 3 insertions(+), 4 deletions(-) delete mode 100644 config/secrets.yml diff --git a/config/environments/production.rb b/config/environments/production.rb index bc2c34086..0e1c87c3b 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -6,6 +6,9 @@ # Code is not reloaded between requests. config.enable_reloading = false + # in production we set secret_key_base from an env variable, to keep it out of source + config.secret_key_base = ScihistDigicoll::Env.lookup!("secret_key_base") + # Eager load code on boot. This eager loads most of Rails and # your application in memory, allowing both threaded web servers # and those relying on copy on write to perform better. 
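Review bot: The comment above the added `config.secret_key_base = ScihistDigicoll::Env.lookup!("secret_key_base")` line in config/environments/production.rb says the key comes from this lookup, but Rails may not use that value if another source is present. As far as I recall, Rails 7.1 outside development and test consults `ENV["SECRET_KEY_BASE"]` and credentials before `config.secret_key_base`, which the commit message also hints at. If `lookup!` reads a differently named variable or a file (not visible here), the two could diverge without any error. A comment such as `# NOTE: ENV["SECRET_KEY_BASE"] or credentials, if set, take precedence over this value` would make the precedence explicit. The configure block continues outside the hunk.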
diff --git a/config/secrets.yml b/config/secrets.yml deleted file mode 100644 index f78465a7d..000000000 --- a/config/secrets.yml +++ /dev/null @@ -1,4 +0,0 @@ -<% if Rails.env.production? %> -production: - secret_key_base: <%= ScihistDigicoll::Env.lookup!("secret_key_base") %> -<% end %> From 7512c1af78291431d6f079c283b7ef45266f100d Mon Sep 17 00:00:00 2001 From: Jonathan Rochkind Date: Mon, 13 Nov 2023 10:16:09 -0500 Subject: [PATCH 12/20] Rails 7.0 defaults require allow_other_host for redirects to non-app hosts --- app/controllers/downloads_controller.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/controllers/downloads_controller.rb b/app/controllers/downloads_controller.rb index 2a43803a2..a0cf9c29c 100644 --- a/app/controllers/downloads_controller.rb +++ b/app/controllers/downloads_controller.rb @@ -52,7 +52,7 @@ def original disposition: content_disposition_mode, filename: DownloadFilenameHelper.filename_for_asset(@asset) ) - ), status: 302 + ), status: 302, allow_other_host: true end #GET /downloads/:asset_id/:derivative_key @@ -68,7 +68,7 @@ def derivative disposition: content_disposition_mode, filename: DownloadFilenameHelper.filename_for_asset(@asset, derivative_key: params[:derivative_key].to_sym) ) - ), status: 302 + ), status: 302, allow_other_host: true end private From b34682e02a9d460a7ab42612afd951d29479c4a2 Mon Sep 17 00:00:00 2001 From: Jonathan Rochkind Date: Mon, 13 Nov 2023 11:08:28 -0500 Subject: [PATCH 13/20] add Rails 7.1 new framework defaults initializer, initially all commented out --- .../new_framework_defaults_7_1.rb | 283 ++++++++++++++++++ 1 file changed, 283 insertions(+) create mode 100644 config/initializers/new_framework_defaults_7_1.rb diff --git a/config/initializers/new_framework_defaults_7_1.rb b/config/initializers/new_framework_defaults_7_1.rb new file mode 100644 index 000000000..d4964ed1e --- /dev/null +++ b/config/initializers/new_framework_defaults_7_1.rb 
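Review bot: `allow_other_host: true` on the redirect in `original` (and the identical change in `derivative`, in the next hunk) switches off the open-redirect guard that the 7.0 defaults turn on, and nothing in the code records why that is safe. From the visible arguments the target looks like a storage URL built from `@asset` rather than from request parameters, but the start of the `redirect_to` call is outside both hunks, so that is an inference. I would add a comment above each call, e.g. `# allow_other_host: target is our own storage URL for @asset, never a client-supplied URL`, so that a later edit feeding user input into the URL is caught in review. Both method bodies start outside their hunks.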
@@ -0,0 +1,283 @@ +# Be sure to restart your server when you modify this file. +# +# This file eases your Rails 7.1 framework defaults upgrade. +# +# Uncomment each configuration one by one to switch to the new default. +# Once your application is ready to run with all new defaults, you can remove +# this file and set the `config.load_defaults` to `7.1`. +# +# Read the Guide for Upgrading Ruby on Rails for more info on each option. +# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html + +### +# No longer add autoloaded paths into `$LOAD_PATH`. This means that you won't be able +# to manually require files that are managed by the autoloader, which you shouldn't do anyway. +# +# This will reduce the size of the load path, making `require` faster if you don't use bootsnap, or reduce the size +# of the bootsnap cache if you use it. +#++ +# Rails.application.config.add_autoload_paths_to_load_path = false + +### +# Remove the default X-Download-Options headers since it is used only by Internet Explorer. +# If you need to support Internet Explorer, add back `"X-Download-Options" => "noopen"`. +#++ +# Rails.application.config.action_dispatch.default_headers = { +# "X-Frame-Options" => "SAMEORIGIN", +# "X-XSS-Protection" => "0", +# "X-Content-Type-Options" => "nosniff", +# "X-Permitted-Cross-Domain-Policies" => "none", +# "Referrer-Policy" => "strict-origin-when-cross-origin" +# } + +### +# Do not treat an `ActionController::Parameters` instance +# as equal to an equivalent `Hash` by default. +#++ +# Rails.application.config.action_controller.allow_deprecated_parameters_hash_equality = false + +### +# Active Record Encryption now uses SHA-256 as its hash digest algorithm. +# +# There are 3 scenarios to consider. +# +# 1. 
If you have data encrypted with previous Rails versions, and you have +# +config.active_support.key_generator_hash_digest_class+ configured as SHA1 (the default +# before Rails 7.0), you need to configure SHA-1 for Active Record Encryption too: +#++ +# Rails.application.config.active_record.encryption.hash_digest_class = OpenSSL::Digest::SHA1 +# +# 2. If you have +config.active_support.key_generator_hash_digest_class+ configured as SHA256 (the new default +# in 7.0), then you need to configure SHA-256 for Active Record Encryption: +#++ +# Rails.application.config.active_record.encryption.hash_digest_class = OpenSSL::Digest::SHA256 +# +# 3. If you don't currently have data encrypted with Active Record encryption, you can disable this setting to +# configure the default behavior starting 7.1+: +#++ +# Rails.application.config.active_record.encryption.support_sha1_for_non_deterministic_encryption = false + +### +# No longer run after_commit callbacks on the first of multiple Active Record +# instances to save changes to the same database row within a transaction. +# Instead, run these callbacks on the instance most likely to have internal +# state which matches what was committed to the database, typically the last +# instance to save. +#++ +# Rails.application.config.active_record.run_commit_callbacks_on_first_saved_instances_in_transaction = false + +### +# Configures SQLite with a strict strings mode, which disables double-quoted string literals. +# +# SQLite has some quirks around double-quoted string literals. +# It first tries to consider double-quoted strings as identifier names, but if they don't exist +# it then considers them as string literals. Because of this, typos can silently go unnoticed. +# For example, it is possible to create an index for a non existing column. +# See https://www.sqlite.org/quirks.html#double_quoted_string_literals_are_accepted for more details. 
+#++ +# Rails.application.config.active_record.sqlite3_adapter_strict_strings_by_default = true + +### +# Disable deprecated singular associations names. +#++ +# Rails.application.config.active_record.allow_deprecated_singular_associations_name = false + +### +# Enable the Active Job `BigDecimal` argument serializer, which guarantees +# roundtripping. Without this serializer, some queue adapters may serialize +# `BigDecimal` arguments as simple (non-roundtrippable) strings. +# +# When deploying an application with multiple replicas, old (pre-Rails 7.1) +# replicas will not be able to deserialize `BigDecimal` arguments from this +# serializer. Therefore, this setting should only be enabled after all replicas +# have been successfully upgraded to Rails 7.1. +#++ +# Rails.application.config.active_job.use_big_decimal_serializer = true + +### +# Specify if an `ArgumentError` should be raised if `Rails.cache` `fetch` or +# `write` are given an invalid `expires_at` or `expires_in` time. +# Options are `true`, and `false`. If `false`, the exception will be reported +# as `handled` and logged instead. +#++ +# Rails.application.config.active_support.raise_on_invalid_cache_expiration_time = true + +### +# Specify whether Query Logs will format tags using the SQLCommenter format +# (https://open-telemetry.github.io/opentelemetry-sqlcommenter/), or using the legacy format. +# Options are `:legacy` and `:sqlcommenter`. +#++ +# Rails.application.config.active_record.query_log_tags_format = :sqlcommenter + +### +# Specify the default serializer used by `MessageEncryptor` and `MessageVerifier` +# instances. +# +# The legacy default is `:marshal`, which is a potential vector for +# deserialization attacks in cases where a message signing secret has been +# leaked. +# +# In Rails 7.1, the new default is `:json_allow_marshal` which serializes and +# deserializes with `ActiveSupport::JSON`, but can fall back to deserializing +# with `Marshal` so that legacy messages can still be read. 
+# +# In Rails 7.2, the default will become `:json` which serializes and +# deserializes with `ActiveSupport::JSON` only. +# +# Alternatively, you can choose `:message_pack` or `:message_pack_allow_marshal`, +# which serialize with `ActiveSupport::MessagePack`. `ActiveSupport::MessagePack` +# can roundtrip some Ruby types that are not supported by JSON, and may provide +# improved performance, but it requires the `msgpack` gem. +# +# For more information, see +# https://guides.rubyonrails.org/v7.1/configuring.html#config-active-support-message-serializer +# +# If you are performing a rolling deploy of a Rails 7.1 upgrade, wherein servers +# that have not yet been upgraded must be able to read messages from upgraded +# servers, first deploy without changing the serializer, then set the serializer +# in a subsequent deploy. +#++ +# Rails.application.config.active_support.message_serializer = :json_allow_marshal + +### +# Enable a performance optimization that serializes message data and metadata +# together. This changes the message format, so messages serialized this way +# cannot be read by older versions of Rails. However, messages that use the old +# format can still be read, regardless of whether this optimization is enabled. +# +# To perform a rolling deploy of a Rails 7.1 upgrade, wherein servers that have +# not yet been upgraded must be able to read messages from upgraded servers, +# leave this optimization off on the first deploy, then enable it on a +# subsequent deploy. +#++ +# Rails.application.config.active_support.use_message_serializer_for_metadata = true + +### +# Set the maximum size for Rails log files. +# +# `config.load_defaults 7.1` does not set this value for environments other than +# development and test. +#++ +# if Rails.env.local? +# Rails.application.config.log_file_size = 100 * 1024 * 1024 +# end + +### +# Enable raising on assignment to attr_readonly attributes. 
The previous +# behavior would allow assignment but silently not persist changes to the +# database. +#++ +# Rails.application.config.active_record.raise_on_assign_to_attr_readonly = true + +### +# Enable validating only parent-related columns for presence when the parent is mandatory. +# The previous behavior was to validate the presence of the parent record, which performed an extra query +# to get the parent every time the child record was updated, even when parent has not changed. +#++ +# Rails.application.config.active_record.belongs_to_required_validates_foreign_key = false + +### +# Enable precompilation of `config.filter_parameters`. Precompilation can +# improve filtering performance, depending on the quantity and types of filters. +#++ +# Rails.application.config.precompile_filter_parameters = true + +### +# Enable before_committed! callbacks on all enrolled records in a transaction. +# The previous behavior was to only run the callbacks on the first copy of a record +# if there were multiple copies of the same record enrolled in the transaction. +#++ +# Rails.application.config.active_record.before_committed_on_all_records = true + +### +# Disable automatic column serialization into YAML. +# To keep the historic behavior, you can set it to `YAML`, however it is +# recommended to explicitly define the serialization method for each column +# rather than to rely on a global default. +#++ +# Rails.application.config.active_record.default_column_serializer = nil + +### +# Enable a performance optimization that serializes Active Record models +# in a faster and more compact way. +# +# To perform a rolling deploy of a Rails 7.1 upgrade, wherein servers that have +# not yet been upgraded must be able to read caches from upgraded servers, +# leave this optimization off on the first deploy, then enable it on a +# subsequent deploy. 
+#++ +# Rails.application.config.active_record.marshalling_format_version = 7.1 + +### +# Run `after_commit` and `after_*_commit` callbacks in the order they are defined in a model. +# This matches the behaviour of all other callbacks. +# In previous versions of Rails, they ran in the inverse order. +#++ +# Rails.application.config.active_record.run_after_transaction_callbacks_in_order_defined = true + +### +# Whether a `transaction` block is committed or rolled back when exited via `return`, `break` or `throw`. +#++ +# Rails.application.config.active_record.commit_transaction_on_non_local_return = true + +### +# Controls when to generate a value for has_secure_token declarations. +#++ +# Rails.application.config.active_record.generate_secure_token_on = :initialize + +### +# ** Please read carefully, this must be configured in config/application.rb ** +# +# Change the format of the cache entry. +# +# Changing this default means that all new cache entries added to the cache +# will have a different format that is not supported by Rails 7.0 +# applications. +# +# Only change this value after your application is fully deployed to Rails 7.1 +# and you have no plans to rollback. +# When you're ready to change format, add this to `config/application.rb` (NOT +# this file): +# config.active_support.cache_format_version = 7.1 + + +### +# Configure Action View to use HTML5 standards-compliant sanitizers when they are supported on your +# platform. +# +# `Rails::HTML::Sanitizer.best_supported_vendor` will cause Action View to use HTML5-compliant +# sanitizers if they are supported, else fall back to HTML4 sanitizers. +# +# In previous versions of Rails, Action View always used `Rails::HTML4::Sanitizer` as its vendor. +#++ +# Rails.application.config.action_view.sanitizer_vendor = Rails::HTML::Sanitizer.best_supported_vendor + + +### +# Configure Action Text to use an HTML5 standards-compliant sanitizer when it is supported on your +# platform. 
+# +# `Rails::HTML::Sanitizer.best_supported_vendor` will cause Action Text to use HTML5-compliant +# sanitizers if they are supported, else fall back to HTML4 sanitizers. +# +# In previous versions of Rails, Action Text always used `Rails::HTML4::Sanitizer` as its vendor. +#++ +# Rails.application.config.action_text.sanitizer_vendor = Rails::HTML::Sanitizer.best_supported_vendor + + +### +# Configure the log level used by the DebugExceptions middleware when logging +# uncaught exceptions during requests. +#++ +# Rails.application.config.action_dispatch.debug_exception_log_level = :error + + +### +# Configure the test helpers in Action View, Action Dispatch, and rails-dom-testing to use HTML5 +# parsers. +# +# Nokogiri::HTML5 isn't supported on JRuby, so JRuby applications must set this to :html4. +# +# In previous versions of Rails, these test helpers always used an HTML4 parser. +#++ +# Rails.application.config.dom_testing_default_html_version = :html5 From 4ba968df365fb5731f3d38d708ebf8b25c6165f9 Mon Sep 17 00:00:00 2001 From: Jonathan Rochkind Date: Mon, 13 Nov 2023 11:12:51 -0500 Subject: [PATCH 14/20] opt into some non-dangerous Rails config 7.1 defaults --- .../new_framework_defaults_7_1.rb | 42 +++++++++---------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/config/initializers/new_framework_defaults_7_1.rb b/config/initializers/new_framework_defaults_7_1.rb index d4964ed1e..f028e5f93 100644 --- a/config/initializers/new_framework_defaults_7_1.rb +++ b/config/initializers/new_framework_defaults_7_1.rb 
@@ -16,19 +16,19 @@ # This will reduce the size of the load path, making `require` faster if you don't use bootsnap, or reduce the size # of the bootsnap cache if you use it. #++ -# Rails.application.config.add_autoload_paths_to_load_path = false +Rails.application.config.add_autoload_paths_to_load_path = false ### # Remove the default X-Download-Options headers since it is used only by Internet Explorer. # If you need to support Internet Explorer, add back `"X-Download-Options" => "noopen"`. #++ -# Rails.application.config.action_dispatch.default_headers = { -# "X-Frame-Options" => "SAMEORIGIN", -# "X-XSS-Protection" => "0", -# "X-Content-Type-Options" => "nosniff", -# "X-Permitted-Cross-Domain-Policies" => "none", -# "Referrer-Policy" => "strict-origin-when-cross-origin" -# } +Rails.application.config.action_dispatch.default_headers = { + "X-Frame-Options" => "SAMEORIGIN", + "X-XSS-Protection" => "0", + "X-Content-Type-Options" => "nosniff", + "X-Permitted-Cross-Domain-Policies" => "none", + "Referrer-Policy" => "strict-origin-when-cross-origin" +} ### # Do not treat an `ActionController::Parameters` instance @@ -75,7 +75,7 @@ # For example, it is possible to create an index for a non existing column. # See https://www.sqlite.org/quirks.html#double_quoted_string_literals_are_accepted for more details. #++ -# Rails.application.config.active_record.sqlite3_adapter_strict_strings_by_default = true +Rails.application.config.active_record.sqlite3_adapter_strict_strings_by_default = true ### # Disable deprecated singular associations names. 
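Review bot: The uncommented `Rails.application.config.action_dispatch.default_headers = { ... }` assignment in the first hunk replaces the whole header hash rather than removing one entry. Initializers run after config/application.rb and the environment files, so any header added to `default_headers` there would be dropped without warning; whether this app sets any is not visible here. If the intent is only to drop the Internet Explorer header, `Rails.application.config.action_dispatch.default_headers.delete("X-Download-Options")` does that and leaves the rest of the hash untouched.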
@@ -100,14 +100,14 @@ # Options are `true`, and `false`. If `false`, the exception will be reported # as `handled` and logged instead. #++ -# Rails.application.config.active_support.raise_on_invalid_cache_expiration_time = true +Rails.application.config.active_support.raise_on_invalid_cache_expiration_time = true ### # Specify whether Query Logs will format tags using the SQLCommenter format # (https://open-telemetry.github.io/opentelemetry-sqlcommenter/), or using the legacy format. # Options are `:legacy` and `:sqlcommenter`. #++ -# Rails.application.config.active_record.query_log_tags_format = :sqlcommenter +Rails.application.config.active_record.query_log_tags_format = :sqlcommenter ### # Specify the default serializer used by `MessageEncryptor` and `MessageVerifier` 
@@ -158,29 +158,29 @@ # `config.load_defaults 7.1` does not set this value for environments other than # development and test. #++ -# if Rails.env.local? -# Rails.application.config.log_file_size = 100 * 1024 * 1024 -# end +if Rails.env.local? + Rails.application.config.log_file_size = 100 * 1024 * 1024 +end ### # Enable raising on assignment to attr_readonly attributes. The previous # behavior would allow assignment but silently not persist changes to the # database. #++ -# Rails.application.config.active_record.raise_on_assign_to_attr_readonly = true +Rails.application.config.active_record.raise_on_assign_to_attr_readonly = true ### # Enable validating only parent-related columns for presence when the parent is mandatory. # The previous behavior was to validate the presence of the parent record, which performed an extra query # to get the parent every time the child record was updated, even when parent has not changed. #++ -# Rails.application.config.active_record.belongs_to_required_validates_foreign_key = false +Rails.application.config.active_record.belongs_to_required_validates_foreign_key = false ### # Enable precompilation of `config.filter_parameters`. Precompilation can # improve filtering performance, depending on the quantity and types of filters. #++ -# Rails.application.config.precompile_filter_parameters = true +Rails.application.config.precompile_filter_parameters = true ### # Enable before_committed! callbacks on all enrolled records in a transaction. 
@@ -218,12 +218,12 @@ ### # Whether a `transaction` block is committed or rolled back when exited via `return`, `break` or `throw`. #++ -# Rails.application.config.active_record.commit_transaction_on_non_local_return = true +Rails.application.config.active_record.commit_transaction_on_non_local_return = true ### # Controls when to generate a value for has_secure_token declarations. #++ -# Rails.application.config.active_record.generate_secure_token_on = :initialize +Rails.application.config.active_record.generate_secure_token_on = :initialize ### # ** Please read carefully, this must be configured in config/application.rb ** @@ -250,7 +250,7 @@ # # In previous versions of Rails, Action View always used `Rails::HTML4::Sanitizer` as its vendor. #++ -# Rails.application.config.action_view.sanitizer_vendor = Rails::HTML::Sanitizer.best_supported_vendor +Rails.application.config.action_view.sanitizer_vendor = Rails::HTML::Sanitizer.best_supported_vendor ### @@ -269,7 +269,7 @@ # Configure the log level used by the DebugExceptions middleware when logging # uncaught exceptions during requests. #++ -# Rails.application.config.action_dispatch.debug_exception_log_level = :error +Rails.application.config.action_dispatch.debug_exception_log_level = :error ### From 5132af6370e4fe7282fb8560c990a2e9e6c81fbd Mon Sep 17 00:00:00 2001 From: Jonathan Rochkind Date: Mon, 13 Nov 2023 11:22:55 -0500 Subject: [PATCH 15/20] opt into more innocuous Rails 7.1 defaults --- .../initializers/new_framework_defaults_7_1.rb | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/config/initializers/new_framework_defaults_7_1.rb b/config/initializers/new_framework_defaults_7_1.rb index f028e5f93..a63f1e3b8 100644 --- a/config/initializers/new_framework_defaults_7_1.rb +++ b/config/initializers/new_framework_defaults_7_1.rb 
@@ -34,7 +34,7 @@ # Do not treat an `ActionController::Parameters` instance # as equal to an equivalent `Hash` by default. #++ -# Rails.application.config.action_controller.allow_deprecated_parameters_hash_equality = false +Rails.application.config.action_controller.allow_deprecated_parameters_hash_equality = false ### # Active Record Encryption now uses SHA-256 as its hash digest algorithm. @@ -80,7 +80,7 @@ ### # Disable deprecated singular associations names. #++ -# Rails.application.config.active_record.allow_deprecated_singular_associations_name = false +Rails.application.config.active_record.allow_deprecated_singular_associations_name = false ### # Enable the Active Job `BigDecimal` argument serializer, which guarantees @@ -92,7 +92,7 @@ # serializer. Therefore, this setting should only be enabled after all replicas # have been successfully upgraded to Rails 7.1. #++ -# Rails.application.config.active_job.use_big_decimal_serializer = true +Rails.application.config.active_job.use_big_decimal_serializer = true ### # Specify if an `ArgumentError` should be raised if `Rails.cache` `fetch` or @@ -195,7 +195,7 @@ # recommended to explicitly define the serialization method for each column # rather than to rely on a global default. #++ -# Rails.application.config.active_record.default_column_serializer = nil +Rails.application.config.active_record.default_column_serializer = nil ### # Enable a performance optimization that serializes Active Record models @@ -262,7 +262,11 @@ # # In previous versions of Rails, Action Text always used `Rails::HTML4::Sanitizer` as its vendor. #++ -# Rails.application.config.action_text.sanitizer_vendor = Rails::HTML::Sanitizer.best_supported_vendor +# +#scihist : we're not using actiontext currently, so this one does not apply, and in fact raises: +# "undefined method `action_text' for #"?? +# +#Rails.application.config.action_text.sanitizer_vendor = Rails::HTML::Sanitizer.best_supported_vendor ### 
@@ -280,4 +284,4 @@ # # In previous versions of Rails, these test helpers always used an HTML4 parser. #++ -# Rails.application.config.dom_testing_default_html_version = :html5 +Rails.application.config.dom_testing_default_html_version = :html5 From ee0afce5acfaa4d10d5f8660cfd203c9f913764e Mon Sep 17 00:00:00 2001 From: Jonathan Rochkind Date: Mon, 13 Nov 2023 11:39:06 -0500 Subject: [PATCH 16/20] Opt into new Rails 7.1 defaults around activerecord callbacks --- config/initializers/new_framework_defaults_7_1.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/config/initializers/new_framework_defaults_7_1.rb b/config/initializers/new_framework_defaults_7_1.rb index a63f1e3b8..9a602f503 100644 --- a/config/initializers/new_framework_defaults_7_1.rb +++ b/config/initializers/new_framework_defaults_7_1.rb @@ -64,7 +64,7 @@ # state which matches what was committed to the database, typically the last # instance to save. #++ -# Rails.application.config.active_record.run_commit_callbacks_on_first_saved_instances_in_transaction = false +Rails.application.config.active_record.run_commit_callbacks_on_first_saved_instances_in_transaction = false ### # Configures SQLite with a strict strings mode, which disables double-quoted string literals. @@ -187,7 +187,7 @@ # The previous behavior was to only run the callbacks on the first copy of a record # if there were multiple copies of the same record enrolled in the transaction. #++ -# Rails.application.config.active_record.before_committed_on_all_records = true +Rails.application.config.active_record.before_committed_on_all_records = true ### # Disable automatic column serialization into YAML. 
@@ -213,7 +213,7 @@ # This matches the behaviour of all other callbacks. # In previous versions of Rails, they ran in the inverse order. #++ -# Rails.application.config.active_record.run_after_transaction_callbacks_in_order_defined = true +Rails.application.config.active_record.run_after_transaction_callbacks_in_order_defined = true ### # Whether a `transaction` block is committed or rolled back when exited via `return`, `break` or `throw`. From 502bf45bc025584e52a90050455cd657ca77fb68 Mon Sep 17 00:00:00 2001 From: Jonathan Rochkind Date: Tue, 21 Nov 2023 14:50:09 -0500 Subject: [PATCH 17/20] make new run_after_transaction_callbacks_in_order_defined config actually take effect In config/initializers, it was happening too late to actually affect our Asset class, so we didn't actually see the new behavior that ended up cauisng us problems --- config/application.rb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/config/application.rb b/config/application.rb index 47185c0ce..1a5794510 100644 --- a/config/application.rb +++ b/config/application.rb @@ -38,6 +38,11 @@ class Application < Rails::Application # or Rails version we have upgraded to and verified for new defaults. config.load_defaults 7.0 + # Before we have 7.1 defaults, we want to opt into this, for some reason + # doing it in the standard new_framework_defaults_7_1.rb doesn't work it's too late, + # need it here. + config.active_record.run_after_transaction_callbacks_in_order_defined = true + config.time_zone = "US/Eastern" # Settings in config/environments/* take precedence over those specified here. From c139c4b0d1238e127c0543b5ef933af04241a8dd Mon Sep 17 00:00:00 2001 
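Review bot: The new `config.active_record.run_after_transaction_callbacks_in_order_defined = true` line in config/application.rb leaves the same assignment live in config/initializers/new_framework_defaults_7_1.rb, which the comment added here says runs too late to take effect. Two places now claim to set the option and only one works, so someone changing the initializer line later would see no difference in behaviour. I would comment the initializer line out again with a pointer, e.g. `# set in config/application.rb; has no effect from an initializer`. The Application class body continues outside the hunk.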
From: Jonathan Rochkind Date: Tue, 21 Nov 2023 14:52:30 -0500 Subject: [PATCH 18/20] use new kithe feature #kithe_earlier_after_commit to regsiter our after_commits to run early enough that we can still work in presence of Rails 7.1 run_after_transaction_callbacks_in_order_defined --- Gemfile | 2 +- Gemfile.lock | 4 ++-- app/models/asset.rb | 19 ++++++++++++------- 3 files changed, 15 insertions(+), 10 deletions(-) diff --git a/Gemfile b/Gemfile index e54e77655..62ccaf0c6 100644 --- a/Gemfile +++ b/Gemfile @@ -117,7 +117,7 @@ gem "device_detector", "~> 1.0" # user-agent parsing we use for logging gem "attr_json", "~> 2.0" -gem 'kithe', "~> 2.11" +gem 'kithe', "~> 2.13" gem "traject", ">= 3.5" # to include support for HTTP basic auth in Solr url diff --git a/Gemfile.lock b/Gemfile.lock index 51b881fc1..c52cca52c 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -330,7 +330,7 @@ GEM activerecord kaminari-core (= 1.2.2) kaminari-core (1.2.2) - kithe (2.12.0) + kithe (2.13.0) attr_json (~> 2.0) fastimage (~> 2.0) fx (>= 0.6.0, < 1) @@ -763,7 +763,7 @@ DEPENDENCIES irb (>= 1.3.1) jbuilder (~> 2.5) kaminari (~> 1.2) - kithe (~> 2.11) + kithe (~> 2.13) listen (~> 3.3) lockbox lograge (< 2) diff --git a/app/models/asset.rb b/app/models/asset.rb index e5f3dd88d..f02c4d935 100644 --- a/app/models/asset.rb +++ b/app/models/asset.rb 
@@ -23,6 +23,18 @@ class Asset < Kithe::Asset # logging purposes. has_many :active_encode_statuses, foreign_key: "asset_id", inverse_of: "asset", dependent: nil + # We need these after_commits to happen BEFORE shrine promotion, so `file_data_previously_changed` + # still represents the change that _triggered_ promotion, rather than the promotion itself. + # + # We use the kithe method kithe_earlier_after_commit to do so, when Rails doesn't really give us a way. + # See https://github.com/sciencehistory/kithe/pull/178 + + kithe_earlier_after_commit if: ->(asset) { asset.file_data_previously_changed? && asset.promotion_failed? } do + Rails.logger.error("AssetPromotionValidation: Asset `#{friendlier_id}` failed ingest: #{promotion_validation_errors.inspect}") + end + + kithe_earlier_after_commit DziFiles::ActiveRecordCallbacks, only: [:update, :destroy] + set_shrine_uploader(AssetUploader) scope :promotion_failed, ->{ @@ -59,11 +71,6 @@ class Asset < Kithe::Asset throw :abort end - after_commit if: ->(asset) { asset.file_data_previously_changed? && asset.promotion_failed? } do - Rails.logger.error("AssetPromotionValidation: Asset `#{friendlier_id}` failed ingest: #{promotion_validation_errors.inspect}") - end - - THUMB_WIDTHS = AssetUploader::THUMB_WIDTHS IMAGE_DOWNLOAD_WIDTHS = AssetUploader::IMAGE_DOWNLOAD_WIDTHS @@ -234,8 +241,6 @@ def should_reindex_parent_after_save?(indexed_attributes: [:transcription, :engl after_promotion :create_hls_video, if: ->(asset) { asset.content_type&.start_with?("video/") } - after_commit DziFiles::ActiveRecordCallbacks, only: [:update, :destroy] - # for ones we're importing from our ingest bucket via :remote_url, we want # to schedule a future deletion from ingest bucket. around_promotion :schedule_ingest_bucket_deletion, if: ->(asset) { asset.file.storage_key == :remote_url } From 0f0692eb104430b9a8be053a72260376a1eed6ec Mon Sep 17 00:00:00 2001 
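Review bot: `kithe_earlier_after_commit DziFiles::ActiveRecordCallbacks, only: [:update, :destroy]` in the first hunk carries over the `only:` option from the removed `after_commit` line, but the option Rails' transaction callbacks recognise for restricting actions is `on:`. With plain `after_commit` an unknown `only:` key is, as far as I know, ignored, so the callback would also fire on create; how `kithe_earlier_after_commit` treats it is not visible here. If update and destroy only is the intent, `kithe_earlier_after_commit DziFiles::ActiveRecordCallbacks, on: [:update, :destroy]` would state it, assuming the kithe method forwards its options to `after_commit`. The Asset class body continues outside the hunk.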
From: Jonathan Rochkind Date: Wed, 22 Nov 2023 10:31:41 -0500 Subject: [PATCH 19/20] in CI change db:create to db:prepare Previously on CI, somehow our DB schema _was_ getting loaded... but after moving to Rails 7.1 it wasn't and was causing an error. Not sure what was going on before, but in CI setup script changing 'db:create' to 'db:prepare` tells rails to create the DB _and_ load the schema, and fixes our build --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2ae4ce7ec..2fd993293 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -51,7 +51,7 @@ jobs: - name: Set up app run: | - RAILS_ENV=test bundle exec rails db:create + RAILS_ENV=test bundle exec rails db:prepare yarn install # This cache probably doesn't actually save us any time, but it hopes to save From cad8a5aa0ead02c9c5e198a98c3aaa10da57a082 Mon Sep 17 00:00:00 2001 From: Jonathan Rochkind Date: Mon, 27 Nov 2023 10:23:25 -0500 Subject: [PATCH 20/20] use db:test:prepare instead of db:prepare in CI, will likely be faster, not do things we don't need for CI --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2fd993293..00715b1bb 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -51,7 +51,7 @@ jobs: - name: Set up app run: | - RAILS_ENV=test bundle exec rails db:prepare + RAILS_ENV=test bundle exec rails db:test:prepare yarn install # This cache probably doesn't actually save us any time, but it hopes to save