diff --git a/.ruby-version b/.ruby-version index 35d16fb1a..24ba9a38d 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -2.5.7 +2.7.0 diff --git a/ruby/Gemfile b/ruby/Gemfile index f63a08241..85091affb 100644 --- a/ruby/Gemfile +++ b/ruby/Gemfile @@ -25,9 +25,9 @@ end gem 'pg' #, '0.17.1', :platform => [:mri, :mswin, :mingw] #gem 'jdbc_postgres', :platform => [:jruby] -gem 'activerecord', '= 5.2.8' +gem 'activerecord', '= 6.0.6' #gem 'railties', '= 5.2.5' -gem 'actionmailer', '= 5.2.8' +gem 'actionmailer', '= 6.0.6' gem 'rails-observers' #gem 'rails-observers', '0.1.2' #gem 'protected_attributes' # needed to support attr_accessible diff --git a/ruby/Gemfile.lock b/ruby/Gemfile.lock index a1429f646..c33d45369 100644 --- a/ruby/Gemfile.lock +++ b/ruby/Gemfile.lock @@ -14,41 +14,41 @@ GEM specs: aasm (5.4.0) concurrent-ruby (~> 1.0) - actionmailer (5.2.8) - actionpack (= 5.2.8) - actionview (= 5.2.8) - activejob (= 5.2.8) + actionmailer (6.0.6) + actionpack (= 6.0.6) + actionview (= 6.0.6) + activejob (= 6.0.6) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (5.2.8) - actionview (= 5.2.8) - activesupport (= 5.2.8) + actionpack (6.0.6) + actionview (= 6.0.6) + activesupport (= 6.0.6) rack (~> 2.0, >= 2.0.8) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (5.2.8) - activesupport (= 5.2.8) + rails-html-sanitizer (~> 1.0, >= 1.2.0) + actionview (6.0.6) + activesupport (= 6.0.6) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.0.3) - activejob (5.2.8) - activesupport (= 5.2.8) + rails-html-sanitizer (~> 1.1, >= 1.2.0) + activejob (6.0.6) + activesupport (= 6.0.6) globalid (>= 0.3.6) - activemodel (5.2.8) - activesupport (= 5.2.8) - activerecord (5.2.8) - activemodel (= 5.2.8) - activesupport (= 5.2.8) - arel (>= 9.0) + activemodel (6.0.6) + activesupport (= 6.0.6) + activerecord (6.0.6) + activemodel (= 6.0.6) + activesupport (= 6.0.6) activerecord-import (0.4.1) activerecord (>= 3.0) - activesupport (5.2.8) + activesupport (6.0.6) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) tzinfo (~> 1.1) + zeitwerk (~> 2.2, >= 2.2.2) addressable (2.8.1) public_suffix (>= 2.0.2, < 6.0) amq-client (1.0.4) @@ -59,7 +59,6 @@ GEM amq-client (~> 1.0.2) amq-protocol (>= 1.3.0) eventmachine - arel (9.0.0) auto_strip_attributes (2.6.0) activerecord (>= 4.0) aws-sdk (1.67.0) @@ -238,7 +237,7 @@ GEM oj (3.13.23) orm_adapter (0.5.0) pg (1.4.5) - postgres-copy (1.6.1) + postgres-copy (1.7.0) activerecord (>= 5.1) pg (>= 0.17) protected_attributes_continued (1.8.2) @@ -261,12 +260,12 @@ GEM loofah (~> 2.3) rails-observers (0.1.5) activemodel (>= 4.0) - railties (5.2.8) - actionpack (= 5.2.8) - activesupport (= 5.2.8) + railties (6.0.6) + actionpack (= 6.0.6) + activesupport (= 6.0.6) method_source rake (>= 0.8.7) - thor (>= 0.19.0, < 2.0) + thor (>= 0.20.3, < 2.0) rake (13.0.6) recurly (2.18.16) redis (5.0.5) @@ -374,6 +373,7 @@ GEM crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) will_paginate (3.3.1) + zeitwerk (2.6.6) zip-codes (0.2.1) PLATFORMS @@ -381,8 +381,8 @@ PLATFORMS DEPENDENCIES aasm - actionmailer (= 5.2.8) - activerecord (= 5.2.8) + actionmailer (= 6.0.6) + activerecord (= 6.0.6) activerecord-import (~> 0.4.1) amqp (= 1.0.2) auto_strip_attributes diff --git a/web/Gemfile b/web/Gemfile index cce5cb928..a40cb40e8 100644 --- a/web/Gemfile +++ b/web/Gemfile @@ -22,7 +22,7 @@ else ENV['NOKOGIRI_USE_SYSTEM_LIBRARIES'] ||= "true" end end -gem 'rails', '= 6.0.0' +gem 'rails', '= 6.0.6' #gem 'railties', '= 5.1.7' gem 'auto_strip_attributes', '2.6.0' #gem 'protected_attributes' @@ -36,6 +36,7 @@ gem 'nokogiri'#, '1.10.10' # added to pin before 1.11.0, which requires at leaos gem 'sprockets', '3.6.3' # added to pin before 4.0.0, which requiurse at least ruby 2.5 gem 'fog-brightbox'#, '0.11.0' # pinned until we are on ruby 2.5; then remove gem 'faraday'#, '0.9.2' # pinned untnil we are on ruby 2.5; then remove +gem 'faraday-multipart' gem 'ruby-prof'#, '0.15.9' # pinned until we are on ruby 2.5; then remove gem 'rubyzip'#, '1.2.1' # pinned until we are on ruby 2.5; then remove gem 'recurly', '2.18.16' # should upgrade to 3.x when we have time to validaate @@ -45,8 +46,8 @@ gem 'redis'#, '3.3.3' # pinned until we are on 2.5; then remove gem 'redis-namespace'#, '1.5.3' # pinned until we are on 2.5; then remove gem 'oj' #, '3.1.3' # pinned until we are on 2.5; then remove gem 'bcrypt', '3.1.13' -gem 'sass-rails', '5.0.7' # compiler mismatch issue between build and www -gem 'sass', '3.5.5 '# compiler mismatch issue between build and www +gem 'sass-rails'#, '5.0.7' # compiler mismatch issue between build and www +#gem 'sass', '3.5.5 '# compiler mismatch issue between build and www #1###### gem 'responders'#, '~> 2.0' @@ -74,7 +75,7 @@ gem 'ruby-protocol-buffers', '1.2.2' gem 'pg' # , '0.17.1' #gem 'compass-rails' #, '1.1.3' # 1.1.4 throws an exception on startup about !initialize on nil #gem "compass-rails", github: "Compass/compass-rails", branch: "master" -gem 'rabl', '0.13.1' # 0.14.3 has error on jenkins build server in ubuntu 12 +gem 'rabl', '0.16.1' # 0.14.3 has error on jenkins build server in ubuntu 12 gem 'gon', '~>4.1.0' # for passthrough of Ruby variables to Javascript variables gem 'eventmachine', "1.2.3" #, '1.0.4' #gem 'faraday', '~>0.9.0' @@ -162,12 +163,13 @@ gem 'rails-controller-testing' gem 'bootsnap', '>= 1.1.0', require: false -gem 'activestorage', '~> 5.2' +gem 'activestorage', '~> 6.0.0' gem 'net-ssh' gem 'xmlrpc' +gem "mimemagic", "~> 0.3.6" if ENV['FASTER_PATH'] == '1' # https://github.com/danielpclark/faster_path diff --git a/web/Gemfile.lock b/web/Gemfile.lock index cc9c7ce6f..534f21ed7 100644 --- a/web/Gemfile.lock +++ b/web/Gemfile.lock @@ -15,50 +15,65 @@ PATH GEM remote: http://rubygems.org/ + remote: https://rails-assets.org/ specs: aasm (5.4.0) concurrent-ruby (~> 1.0) - actioncable (5.2.8) - actionpack (= 5.2.8) + actioncable (6.0.6) + actionpack (= 6.0.6) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailer (5.2.8) - actionpack (= 5.2.8) - actionview (= 5.2.8) - activejob (= 5.2.8) + actionmailbox (6.0.6) + actionpack (= 6.0.6) + activejob (= 6.0.6) + activerecord (= 6.0.6) + activestorage (= 6.0.6) + activesupport (= 6.0.6) + mail (>= 2.7.1) + actionmailer (6.0.6) + actionpack (= 6.0.6) + actionview (= 6.0.6) + activejob (= 6.0.6) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (5.2.8) - actionview (= 5.2.8) - activesupport (= 5.2.8) + actionpack (6.0.6) + actionview (= 6.0.6) + activesupport (= 6.0.6) rack (~> 2.0, >= 2.0.8) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (5.2.8) - activesupport (= 5.2.8) + rails-html-sanitizer (~> 1.0, >= 1.2.0) + actiontext (6.0.6) + actionpack (= 6.0.6) + activerecord (= 6.0.6) + activestorage (= 6.0.6) + activesupport (= 6.0.6) + nokogiri (>= 1.8.5) + actionview (6.0.6) + activesupport (= 6.0.6) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.0.3) - activejob (5.2.8) - activesupport (= 5.2.8) + rails-html-sanitizer (~> 1.1, >= 1.2.0) + activejob (6.0.6) + activesupport (= 6.0.6) globalid (>= 0.3.6) - activemodel (5.2.8) - activesupport (= 5.2.8) - activerecord (5.2.8) - activemodel (= 5.2.8) - activesupport (= 5.2.8) - arel (>= 9.0) - activestorage (5.2.8) - actionpack (= 5.2.8) - activerecord (= 5.2.8) - marcel (~> 1.0.0) - activesupport (5.2.8) + activemodel (6.0.6) + activesupport (= 6.0.6) + activerecord (6.0.6) + activemodel (= 6.0.6) + activesupport (= 6.0.6) + activestorage (6.0.6) + actionpack (= 6.0.6) + activejob (= 6.0.6) + activerecord (= 6.0.6) + marcel (~> 1.0) + activesupport (6.0.6) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) tzinfo (~> 1.1) + zeitwerk (~> 2.2, >= 2.2.2) addressable (2.8.1) public_suffix (>= 2.0.2, < 6.0) amq-client (0.9.12) @@ -69,7 +84,6 @@ GEM amq-client (~> 0.9.5) amq-protocol (>= 0.9.4) eventmachine - arel (9.0.0) arr-pm (0.0.12) auto_strip_attributes (2.6.0) activerecord (>= 4.0) @@ -88,7 +102,7 @@ GEM execjs (~> 2.0) backports (3.23.0) bcrypt (3.1.13) - bootsnap (1.13.0) + bootsnap (1.14.0) msgpack (~> 1.2) bootstrap-will_paginate (0.0.6) will_paginate @@ -111,7 +125,7 @@ GEM launchy carmen (1.1.3) activesupport (>= 3.0.0) - carrierwave (2.2.2) + carrierwave (2.2.3) activemodel (>= 5.0.0) activesupport (>= 5.0.0) addressable (~> 2.6) @@ -123,7 +137,7 @@ GEM carrierwave (>= 2.2.0) fog-aws cause (0.1) - childprocess (3.0.0) + childprocess (4.1.0) clamp (1.0.1) coderay (1.1.3) coffee-rails (5.0.0) @@ -154,7 +168,7 @@ GEM domain_name (0.5.20190701) unf (>= 0.0.5, < 1.0.0) dotenv (2.8.1) - dry-inflector (0.2.0) + dry-inflector (1.0.0) elastic-transport (8.1.0) faraday (< 3) multi_json @@ -364,32 +378,38 @@ GEM mime-types (3.4.1) mime-types-data (~> 3.2015) mime-types-data (3.2022.0105) + mimemagic (0.3.10) + nokogiri (~> 1) + rake mini_magick (4.11.0) mini_mime (1.1.2) - mini_portile2 (2.6.1) - minitest (5.15.0) + mini_portile2 (2.8.0) + minitest (5.16.3) mono_logger (1.1.1) msgpack (1.6.0) multi_json (1.15.0) multi_xml (0.6.0) multipart-post (2.2.3) mustache (0.99.8) - mustermann (2.0.2) + mustermann (3.0.0) ruby2_keywords (~> 0.0.1) naught (1.1.0) - net-ssh (6.1.0) + net-ssh (7.0.1) netaddr (1.5.1) netrc (0.11.0) - newrelic_rpm (8.13.0) + newrelic_rpm (8.13.1) nio4r (2.5.8) - nokogiri (1.12.5) - mini_portile2 (~> 2.6.1) + nokogiri (1.13.9) + mini_portile2 (~> 2.8.0) racc (~> 1.4) non-stupid-digest-assets (1.0.9) sprockets (>= 2.0) - oauth (0.6.2) + oauth (1.1.0) + oauth-tty (~> 1.0, >= 1.0.1) snaky_hash (~> 2.0) version_gem (~> 1.1) + oauth-tty (1.0.5) + version_gem (~> 1.1, >= 1.1.1) oauth2 (1.4.11) faraday (>= 0.17.3, < 3.0) jwt (>= 1.0, < 3.0) @@ -434,7 +454,7 @@ GEM insist mustache (= 0.99.8) stud - postgres-copy (1.6.1) + postgres-copy (1.7.0) activerecord (>= 5.1) pg (>= 0.17) power_assert (2.0.2) @@ -448,35 +468,42 @@ GEM pry (0.14.1) coderay (~> 1.1) method_source (~> 1.0) - public_suffix (4.0.7) + public_suffix (5.0.0) puma (6.0.0) nio4r (~> 2.0) raabro (1.4.0) - rabl (0.13.1) + rabl (0.16.1) activesupport (>= 2.3.14) racc (1.6.0) rack (2.2.4) rack-cors (1.1.1) rack (>= 2.0.0) - rack-protection (2.2.2) + rack-protection (3.0.3) rack rack-proxy (0.7.4) rack rack-test (2.0.2) rack (>= 1.3) - rails (5.2.8) - actioncable (= 5.2.8) - actionmailer (= 5.2.8) - actionpack (= 5.2.8) - actionview (= 5.2.8) - activejob (= 5.2.8) - activemodel (= 5.2.8) - activerecord (= 5.2.8) - activestorage (= 5.2.8) - activesupport (= 5.2.8) + rails (6.0.6) + actioncable (= 6.0.6) + actionmailbox (= 6.0.6) + actionmailer (= 6.0.6) + actionpack (= 6.0.6) + actiontext (= 6.0.6) + actionview (= 6.0.6) + activejob (= 6.0.6) + activemodel (= 6.0.6) + activerecord (= 6.0.6) + activestorage (= 6.0.6) + activesupport (= 6.0.6) bundler (>= 1.3.0) - railties (= 5.2.8) + railties (= 6.0.6) sprockets-rails (>= 2.0.0) + rails-assets-bluebird (3.5.4) + rails-assets-classnames (2.3.2) + rails-assets-react-select (2.4.3) + rails-assets-reflux (0.3.0) + rails-assets-regenerator (0.4.8) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) @@ -488,12 +515,12 @@ GEM loofah (~> 2.3) rails-observers (0.1.5) activemodel (>= 4.0) - railties (5.2.8) - actionpack (= 5.2.8) - activesupport (= 5.2.8) + railties (6.0.6) + actionpack (= 6.0.6) + activesupport (= 6.0.6) method_source rake (>= 0.8.7) - thor (>= 0.19.0, < 2.0) + thor (>= 0.20.3, < 2.0) raindrops (0.20.0) rake (13.0.6) rb-fsevent (0.11.2) @@ -580,20 +607,21 @@ GEM sanitize (6.0.0) crass (~> 1.0.2) nokogiri (>= 1.12.0) - sass (3.5.5) - sass-listen (~> 4.0.0) - sass-listen (4.0.0) - rb-fsevent (~> 0.9, >= 0.9.4) - rb-inotify (~> 0.9, >= 0.9.7) - sass-rails (5.0.7) - railties (>= 4.0.0, < 6) - sass (~> 3.1) - sprockets (>= 2.8, < 4.0) - sprockets-rails (>= 2.0, < 4.0) - tilt (>= 1.1, < 3) - selenium-webdriver (3.142.7) - childprocess (>= 0.5, < 4.0) - rubyzip (>= 1.2.2) + sass-rails (6.0.0) + sassc-rails (~> 2.1, >= 2.1.1) + sassc (2.4.0) + ffi (~> 1.9) + sassc-rails (2.1.2) + railties (>= 4.0.0) + sassc (>= 2.0) + sprockets (> 3.0) + sprockets-rails + tilt + selenium-webdriver (4.6.1) + childprocess (>= 0.5, < 5.0) + rexml (~> 3.2, >= 3.2.5) + rubyzip (>= 1.2.2, < 3.0) + websocket (~> 1.0) sendgrid (1.2.0) json sendgrid_toolkit (1.4.0) @@ -612,10 +640,10 @@ GEM simplecov-html (0.7.1) simplecov-rcov (0.3.1) simplecov (>= 0.4.1) - sinatra (2.2.2) - mustermann (~> 2.0) - rack (~> 2.2) - rack-protection (= 2.2.2) + sinatra (3.0.3) + mustermann (~> 3.0) + rack (~> 2.2, >= 2.2.4) + rack-protection (= 3.0.3) tilt (~> 2.0) sitemap_generator (6.3.0) builder (~> 3.0) @@ -637,7 +665,7 @@ GEM actionpack (>= 3.0) activesupport (>= 3.0) sprockets (>= 2.8, < 4.0) - ssrf_filter (1.0.8) + ssrf_filter (1.1.1) stripe (8.0.0) stud (0.0.23) temple (0.8.2) @@ -675,10 +703,10 @@ GEM version_gem (1.1.1) warden (1.2.9) rack (>= 2.0.9) - webdrivers (4.6.1) + webdrivers (4.7.0) nokogiri (~> 1.6) rubyzip (>= 1.3.0) - selenium-webdriver (>= 3.0, < 4.0) + selenium-webdriver (> 3.141, < 5.0) webmock (3.18.1) addressable (>= 2.8.0) crack (>= 0.3.2) @@ -688,6 +716,7 @@ GEM rack-proxy (>= 0.6.1) railties (>= 4.2) webrick (1.7.0) + websocket (1.2.9) websocket-driver (0.7.5) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) @@ -698,23 +727,15 @@ GEM webrick xpath (3.2.0) nokogiri (~> 1.8) + zeitwerk (2.6.6) zip-codes (0.2.1) -GEM - remote: https://rails-assets.org/ - specs: - rails-assets-bluebird (3.5.4) - rails-assets-classnames (2.3.2) - rails-assets-react-select (2.4.3) - rails-assets-reflux (0.3.0) - rails-assets-regenerator (0.4.8) - PLATFORMS - -darwin-21 + ruby DEPENDENCIES aasm - activestorage (~> 5.2) + activestorage (~> 6.0.0) amqp (= 0.9.8) auto_strip_attributes (= 2.6.0) aws-sdk (~> 1) @@ -743,6 +764,7 @@ DEPENDENCIES factory_girl_rails faker (= 1.3.0) faraday + faraday-multipart fog fog-brightbox fpm (= 1.14.1) @@ -766,6 +788,7 @@ DEPENDENCIES launchy (= 2.1.1) listen (>= 3.0.5, < 3.2) logging (= 1.7.2) + mimemagic (~> 0.3.6) multi_json net-ssh netaddr (= 1.5.1) @@ -785,10 +808,10 @@ DEPENDENCIES protected_attributes_continued pry puma - rabl (= 0.13.1) + rabl (= 0.16.1) rack-cors (~> 1.0, >= 1.0.6) rack-test - rails (= 5.2.8) + rails (= 6.0.6) rails-assets-bluebird! rails-assets-classnames! rails-assets-react-select! @@ -817,8 +840,7 @@ DEPENDENCIES ruby-protocol-buffers (= 1.2.2) rubyzip sanitize - sass (= 3.5.5) - sass-rails (= 5.0.7) + sass-rails selenium-webdriver sendgrid (= 1.2.0) sendgrid_toolkit (>= 1.1.1) @@ -848,7 +870,7 @@ DEPENDENCIES zip-codes RUBY VERSION - ruby 2.5.7p206 + ruby 2.7.0p0 BUNDLED WITH - 2.3.26 + 2.1.2 diff --git a/web/Gemfile.lock.bk b/web/Gemfile.lock.bk index 2e7263dd2..163ab61b6 100644 --- a/web/Gemfile.lock.bk +++ b/web/Gemfile.lock.bk @@ -16,55 +16,65 @@ PATH GEM remote: http://rubygems.org/ specs: - CFPropertyList (2.3.6) aasm (5.4.0) concurrent-ruby (~> 1.0) - actioncable (5.2.0) - actionpack (= 5.2.0) + actioncable (6.0.6) + actionpack (= 6.0.6) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailer (5.2.0) - actionpack (= 5.2.0) - actionview (= 5.2.0) - activejob (= 5.2.0) + actionmailbox (6.0.6) + actionpack (= 6.0.6) + activejob (= 6.0.6) + activerecord (= 6.0.6) + activestorage (= 6.0.6) + activesupport (= 6.0.6) + mail (>= 2.7.1) + actionmailer (6.0.6) + actionpack (= 6.0.6) + actionview (= 6.0.6) + activejob (= 6.0.6) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (5.2.0) - actionview (= 5.2.0) - activesupport (= 5.2.0) - rack (~> 2.0) + actionpack (6.0.6) + actionview (= 6.0.6) + activesupport (= 6.0.6) + rack (~> 2.0, >= 2.0.8) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (5.2.0) - activesupport (= 5.2.0) + rails-html-sanitizer (~> 1.0, >= 1.2.0) + actiontext (6.0.6) + actionpack (= 6.0.6) + activerecord (= 6.0.6) + activestorage (= 6.0.6) + activesupport (= 6.0.6) + nokogiri (>= 1.8.5) + actionview (6.0.6) + activesupport (= 6.0.6) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.0.3) - activejob (5.2.0) - activesupport (= 5.2.0) + rails-html-sanitizer (~> 1.1, >= 1.2.0) + activejob (6.0.6) + activesupport (= 6.0.6) globalid (>= 0.3.6) - activemodel (5.2.0) - activesupport (= 5.2.0) - activerecord (5.2.0) - activemodel (= 5.2.0) - activesupport (= 5.2.0) - arel (>= 9.0) - activestorage (5.2.0) - actionpack (= 5.2.0) - activerecord (= 5.2.0) - marcel (~> 0.3.1) - activesupport (5.2.0) + activemodel (6.0.6) + activesupport (= 6.0.6) + activerecord (6.0.6) + activemodel (= 6.0.6) + activesupport (= 6.0.6) + activestorage (6.0.6) + actionpack (= 6.0.6) + activejob (= 6.0.6) + activerecord (= 6.0.6) + marcel (~> 1.0) + activesupport (6.0.6) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) tzinfo (~> 1.1) + zeitwerk (~> 2.2, >= 2.2.2) addressable (2.8.1) public_suffix (>= 2.0.2, < 6.0) - aliyun-sdk (0.8.0) - nokogiri (~> 1.6) - rest-client (~> 2.0) amq-client (0.9.12) amq-protocol (>= 1.2.0) eventmachine @@ -73,7 +83,6 @@ GEM amq-client (~> 0.9.5) amq-protocol (>= 0.9.4) eventmachine - arel (9.0.0) arr-pm (0.0.12) auto_strip_attributes (2.6.0) activerecord (>= 4.0) @@ -92,7 +101,7 @@ GEM execjs (~> 2.0) backports (3.23.0) bcrypt (3.1.13) - bootsnap (1.12.0) + bootsnap (1.13.0) msgpack (~> 1.2) bootstrap-will_paginate (0.0.6) will_paginate @@ -127,8 +136,7 @@ GEM carrierwave (>= 2.2.0) fog-aws cause (0.1) - childprocess (0.9.0) - ffi (~> 1.0, >= 1.0.11) + childprocess (3.0.0) clamp (1.0.1) coderay (1.1.3) coffee-rails (5.0.0) @@ -139,7 +147,7 @@ GEM execjs coffee-script-source (1.12.2) concurrent-ruby (1.1.10) - connection_pool (2.2.5) + connection_pool (2.3.0) crack (0.4.5) rexml crass (1.0.6) @@ -159,22 +167,22 @@ GEM domain_name (0.5.20190701) unf (>= 0.0.5, < 1.0.0) dotenv (2.8.1) - elasticsearch (7.4.0) - elasticsearch-api (= 7.4.0) - elasticsearch-transport (= 7.4.0) - elasticsearch-api (7.4.0) + dry-inflector (0.2.0) + elastic-transport (8.1.0) + faraday (< 3) multi_json - elasticsearch-transport (7.4.0) - faraday + elasticsearch (8.5.1) + elastic-transport (~> 8) + elasticsearch-api (= 8.5.1) + elasticsearch-api (8.5.1) multi_json em-websocket (0.5.3) eventmachine (>= 0.12.9) http_parser.rb (~> 0) - email_validator (1.6.0) + email_validator (2.2.4) activemodel equalizer (0.0.11) erubi (1.11.0) - erubis (2.7.0) et-orbi (1.2.7) tzinfo eventmachine (1.2.3) @@ -188,159 +196,68 @@ GEM railties (>= 3.0.0) faker (1.3.0) i18n (~> 0.5) - faraday (0.9.2) - multipart-post (>= 1.2, < 3) + faraday (1.10.2) + faraday-em_http (~> 1.0) + faraday-em_synchrony (~> 1.0) + faraday-excon (~> 1.1) + faraday-httpclient (~> 1.0) + faraday-multipart (~> 1.0) + faraday-net_http (~> 1.0) + faraday-net_http_persistent (~> 1.0) + faraday-patron (~> 1.0) + faraday-rack (~> 1.0) + faraday-retry (~> 1.0) + ruby2_keywords (>= 0.0.4) + faraday-em_http (1.0.0) + faraday-em_synchrony (1.0.0) + faraday-excon (1.1.0) + faraday-httpclient (1.0.1) + faraday-multipart (1.0.4) + multipart-post (~> 2) + faraday-net_http (1.0.1) + faraday-net_http_persistent (1.2.0) + faraday-patron (1.0.0) + faraday-rack (1.0.0) + faraday-retry (1.0.3) ffi (1.15.5) ffi-compiler (1.0.1) ffi (>= 1.0.0) rake - fission (0.5.0) - CFPropertyList (~> 2.2) - fog (1.41.0) - fog-aliyun (>= 0.1.0) - fog-atmos - fog-aws (>= 0.6.0) - fog-brightbox (~> 0.4) - fog-cloudatcost (~> 0.1.0) - fog-core (~> 1.45) - fog-digitalocean (>= 0.3.0) - fog-dnsimple (~> 1.0) - fog-dynect (~> 0.0.2) - fog-ecloud (~> 0.1) - fog-google (<= 0.1.0) - fog-internet-archive - fog-joyent + fog (1.24.0) + fog-brightbox + fog-core (~> 1.23) fog-json - fog-local - fog-openstack - fog-powerdns (>= 0.1.1) - fog-profitbricks - fog-rackspace fog-radosgw (>= 0.0.2) - fog-riakcs fog-sakuracloud (>= 0.0.4) - fog-serverlove fog-softlayer - fog-storm_on_demand - fog-terremark - fog-vmfusion - fog-voxel - fog-vsphere (>= 0.4.0) - fog-xenserver - fog-xml (~> 0.1.1) ipaddress (~> 0.5) - json (>= 1.8, < 2.0) - fog-aliyun (0.4.0) - addressable (~> 2.8.0) - aliyun-sdk (~> 0.8.0) - fog-core - fog-json - ipaddress (~> 0.8) - xml-simple (~> 1.1) - fog-atmos (0.1.0) - fog-core - fog-xml + nokogiri (~> 1.5, >= 1.5.11) fog-aws (2.0.1) fog-core (~> 1.38) fog-json (~> 1.0) fog-xml (~> 0.1) ipaddress (~> 0.8) - fog-brightbox (0.11.0) - fog-core (~> 1.22) + fog-brightbox (1.8.0) + dry-inflector + fog-core (>= 1.45, < 3.0) fog-json - inflecto (~> 0.0.2) - fog-cloudatcost (0.1.2) - fog-core (~> 1.36) - fog-json (~> 1.0) - fog-xml (~> 0.1) - ipaddress (~> 0.8) fog-core (1.45.0) builder excon (~> 0.58) formatador (~> 0.2) - fog-digitalocean (0.4.0) - fog-core - fog-json - fog-xml - ipaddress (>= 0.5) - fog-dnsimple (1.0.0) - fog-core (~> 1.38) - fog-json (~> 1.0) - fog-dynect (0.0.3) - fog-core - fog-json - fog-xml - fog-ecloud (0.3.0) - fog-core - fog-xml - fog-google (0.1.0) - fog-core - fog-json - fog-xml - fog-internet-archive (0.0.2) - fog-core - fog-json - fog-xml - fog-joyent (0.0.1) - fog-core (~> 1.42) - fog-json (>= 1.0) fog-json (1.2.0) fog-core multi_json (~> 1.10) - fog-local (0.8.0) - fog-core (>= 1.27, < 3.0) - fog-openstack (0.3.10) - fog-core (>= 1.45, <= 2.1.0) - fog-json (>= 1.0) - ipaddress (>= 0.8) - fog-powerdns (0.2.0) - fog-core - fog-json - fog-xml - fog-profitbricks (4.1.1) - fog-core (~> 1.42) - fog-json (~> 1.0) - fog-rackspace (0.1.6) - fog-core (>= 1.35) - fog-json (>= 1.0) - fog-xml (>= 0.1) - ipaddress (>= 0.8) fog-radosgw (0.0.5) fog-core (>= 1.21.0) fog-json fog-xml (>= 0.0.1) - fog-riakcs (0.1.0) - fog-core - fog-json - fog-xml fog-sakuracloud (1.7.5) fog-core fog-json - fog-serverlove (0.1.2) - fog-core - fog-json fog-softlayer (1.1.4) fog-core fog-json - fog-storm_on_demand (0.1.1) - fog-core - fog-json - fog-terremark (0.1.0) - fog-core - fog-xml - fog-vmfusion (0.1.0) - fission - fog-core - fog-voxel (0.1.0) - fog-core - fog-xml - fog-vsphere (3.5.2) - fog-core - rbvmomi (>= 1.9, < 3) - fog-xenserver (1.0.0) - fog-core - fog-xml - xmlrpc fog-xml (0.1.4) fog-core nokogiri (>= 1.5.11, < 2.0.0) @@ -365,8 +282,8 @@ GEM git (1.12.0) addressable (~> 2.8) rchardet (~> 1.8) - globalid (0.4.2) - activesupport (>= 4.2.0) + globalid (1.0.0) + activesupport (>= 5.0) god (0.13.7) gon (4.1.1) actionpack (>= 2.3.0) @@ -382,22 +299,17 @@ GEM retriable (>= 1.4) signet (>= 0.5.0) uuidtools (>= 2.1.0) - haml (5.1.2) - temple (>= 0.8.0) + haml (6.0.10) + temple (>= 0.8.2) + thor tilt - haml-rails (1.0.0) - actionpack (>= 4.0.1) - activesupport (>= 4.0.1) - haml (>= 4.0.6, < 6.0) - html2haml (>= 1.0.1) - railties (>= 4.0.1) + haml-rails (2.1.0) + actionpack (>= 5.1) + activesupport (>= 5.1) + haml (>= 4.0.6) + railties (>= 5.1) hashdiff (1.0.1) hashie (5.0.0) - html2haml (2.3.0) - erubis (~> 2.7.0) - haml (>= 4.0) - nokogiri (>= 1.6.0) - ruby_parser (~> 3.5) htmlentities (4.3.4) http (4.4.1) addressable (~> 2.3) @@ -416,11 +328,12 @@ GEM multi_xml (>= 0.5.2) i18n (0.9.5) concurrent-ruby (~> 1.0) - icalendar (2.4.0) + icalendar (2.8.0) + ice_cube (~> 0.16) + ice_cube (0.16.4) image_processing (1.12.2) mini_magick (>= 4.9.5, < 5) ruby-vips (>= 2.0.17, < 3) - inflecto (0.0.2) influxdb (0.3.14) cause json @@ -437,10 +350,10 @@ GEM jquery-ui-rails (4.2.1) railties (>= 3.2.16) json (1.8.6) - jwt (2.3.0) + jwt (2.5.0) kgio (2.11.4) - kickbox (2.0.4) - faraday (~> 0.9) + kickbox (2.0.5) + faraday (~> 1.0) json (>= 1.8) language_list (1.2.1) launchy (2.1.1) @@ -457,8 +370,7 @@ GEM nokogiri (>= 1.5.9) mail (2.7.1) mini_mime (>= 0.1.1) - marcel (0.3.3) - mimemagic (~> 0.3.2) + marcel (1.0.2) memoizable (0.4.2) thread_safe (~> 0.3, >= 0.3.1) method_source (1.0.0) @@ -470,7 +382,7 @@ GEM rake mini_magick (4.11.0) mini_mime (1.1.2) - mini_portile2 (2.4.0) + mini_portile2 (2.6.1) minitest (5.15.0) mono_logger (1.1.1) msgpack (1.6.0) @@ -481,26 +393,26 @@ GEM mustermann (2.0.2) ruby2_keywords (~> 0.0.1) naught (1.1.0) + net-ssh (6.1.0) netaddr (1.5.1) netrc (0.11.0) - newrelic_rpm (8.12.0) + newrelic_rpm (8.13.0) nio4r (2.5.8) - nokogiri (1.10.10) - mini_portile2 (~> 2.4.0) - nokogumbo (2.0.5) - nokogiri (~> 1.8, >= 1.8.4) + nokogiri (1.12.5) + mini_portile2 (~> 2.6.1) + racc (~> 1.4) non-stupid-digest-assets (1.0.9) sprockets (>= 2.0) oauth (0.6.2) snaky_hash (~> 2.0) version_gem (~> 1.1) - oauth2 (1.4.8) - faraday (>= 0.8, < 3.0) + oauth2 (1.4.11) + faraday (>= 0.17.3, < 3.0) jwt (>= 1.0, < 3.0) multi_json (~> 1.3) multi_xml (~> 0.5) - rack (>= 1.2, < 3) - oj (3.1.3) + rack (>= 1.2, < 4) + oj (3.13.23) omniauth (1.9.2) hashie (>= 3.4.6) rack (>= 1.6.2, < 3) @@ -523,15 +435,14 @@ GEM omniauth-twitter (1.4.0) omniauth-oauth (~> 1.1) rack - optimist (3.0.1) orm_adapter (0.5.0) paypal-sdk-core (0.3.4) multi_json (~> 1.0) xml-simple paypal-sdk-merchant-jk (1.118.1) paypal-sdk-core (~> 0.3.0) - pdf-core (0.7.0) - pg (1.2.3) + pdf-core (0.9.0) + pg (1.4.5) pleaserun (0.0.32) cabin (> 0) clamp @@ -543,9 +454,9 @@ GEM activerecord (>= 5.1) pg (>= 0.17) power_assert (2.0.2) - prawn (2.2.2) - pdf-core (~> 0.7.0) - ttfunk (~> 1.5) + prawn (2.4.0) + pdf-core (~> 0.9.0) + ttfunk (~> 1.7) prawn-table (0.2.2) prawn (>= 1.3.0, < 3.0.0) protected_attributes_continued (1.8.2) @@ -557,8 +468,9 @@ GEM puma (6.0.0) nio4r (~> 2.0) raabro (1.4.0) - rabl (0.13.1) + rabl (0.16.1) activesupport (>= 2.3.14) + racc (1.6.0) rack (2.2.4) rack-cors (1.1.1) rack (>= 2.0.0) @@ -568,18 +480,20 @@ GEM rack rack-test (2.0.2) rack (>= 1.3) - rails (5.2.0) - actioncable (= 5.2.0) - actionmailer (= 5.2.0) - actionpack (= 5.2.0) - actionview (= 5.2.0) - activejob (= 5.2.0) - activemodel (= 5.2.0) - activerecord (= 5.2.0) - activestorage (= 5.2.0) - activesupport (= 5.2.0) + rails (6.0.6) + actioncable (= 6.0.6) + actionmailbox (= 6.0.6) + actionmailer (= 6.0.6) + actionpack (= 6.0.6) + actiontext (= 6.0.6) + actionview (= 6.0.6) + activejob (= 6.0.6) + activemodel (= 6.0.6) + activerecord (= 6.0.6) + activestorage (= 6.0.6) + activesupport (= 6.0.6) bundler (>= 1.3.0) - railties (= 5.2.0) + railties (= 6.0.6) sprockets-rails (>= 2.0.0) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) @@ -592,22 +506,17 @@ GEM loofah (~> 2.3) rails-observers (0.1.5) activemodel (>= 4.0) - railties (5.2.0) - actionpack (= 5.2.0) - activesupport (= 5.2.0) + railties (6.0.6) + actionpack (= 6.0.6) + activesupport (= 6.0.6) method_source rake (>= 0.8.7) - thor (>= 0.18.1, < 2.0) + thor (>= 0.20.3, < 2.0) raindrops (0.20.0) rake (13.0.6) rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) - rbvmomi (2.4.1) - builder (~> 3.0) - json (>= 1.8) - nokogiri (~> 1.5) - optimist (~> 3.0) rchardet (1.8.0) react-rails (1.3.3) babel-transpiler (>= 0.7.0) @@ -617,9 +526,9 @@ GEM rails (>= 3.2) tilt recurly (2.18.16) - redis (3.3.3) - redis-namespace (1.5.3) - redis (~> 3.0, >= 3.0.4) + redis (3.3.5) + redis-namespace (1.8.2) + redis (>= 3.0.4) regexp_parser (1.8.2) responders (3.0.1) actionpack (>= 5.0) @@ -677,40 +586,35 @@ GEM rspec-mocks (~> 3.10) rspec-support (~> 3.10) rspec-support (3.12.0) - ruby-prof (0.15.9) + ruby-prof (1.4.3) ruby-protocol-buffers (1.2.2) ruby-vips (2.1.4) ffi (~> 1.12) ruby2_keywords (0.0.5) ruby_dep (1.5.0) - ruby_parser (3.19.1) - sexp_processor (~> 4.16) - rubyzip (1.2.1) + rubyzip (2.3.2) rufus-scheduler (3.8.2) fugit (~> 1.1, >= 1.1.6) - sanitize (5.2.3) + sanitize (6.0.0) crass (~> 1.0.2) - nokogiri (>= 1.8.0) - nokogumbo (~> 2.0) - sass (3.5.5) - sass-listen (~> 4.0.0) - sass-listen (4.0.0) - rb-fsevent (~> 0.9, >= 0.9.4) - rb-inotify (~> 0.9, >= 0.9.7) - sass-rails (5.0.7) - railties (>= 4.0.0, < 6) - sass (~> 3.1) - sprockets (>= 2.8, < 4.0) - sprockets-rails (>= 2.0, < 4.0) - tilt (>= 1.1, < 3) - selenium-webdriver (3.14.0) - childprocess (~> 0.5) - rubyzip (~> 1.2) + nokogiri (>= 1.12.0) + sass-rails (6.0.0) + sassc-rails (~> 2.1, >= 2.1.1) + sassc (2.4.0) + ffi (~> 1.9) + sassc-rails (2.1.2) + railties (>= 4.0.0) + sassc (>= 2.0) + sprockets (> 3.0) + sprockets-rails + tilt + selenium-webdriver (3.142.7) + childprocess (>= 0.5, < 4.0) + rubyzip (>= 1.2.2) sendgrid (1.2.0) json sendgrid_toolkit (1.4.0) httparty (>= 0.7.6) - sexp_processor (4.16.1) show_me_the_cookies (6.0.0) capybara (>= 2, < 4) signet (0.5.0) @@ -751,7 +655,7 @@ GEM activesupport (>= 3.0) sprockets (>= 2.8, < 4.0) ssrf_filter (1.0.8) - stripe (7.1.0) + stripe (8.0.0) stud (0.0.23) temple (0.8.2) test-unit (3.5.5) @@ -760,7 +664,7 @@ GEM thread_safe (0.3.6) tilt (2.0.11) timecop (0.9.5) - ttfunk (1.6.2.1) + ttfunk (1.7.0) twitter (7.0.0) addressable (~> 2.3) buftok (~> 0.2.0) @@ -788,9 +692,9 @@ GEM version_gem (1.1.1) warden (1.2.9) rack (>= 2.0.9) - webdrivers (4.1.2) + webdrivers (4.6.1) nokogiri (~> 1.6) - rubyzip (~> 1.0) + rubyzip (>= 1.3.0) selenium-webdriver (>= 3.0, < 4.0) webmock (3.18.1) addressable (>= 2.8.0) @@ -811,6 +715,7 @@ GEM webrick xpath (3.2.0) nokogiri (~> 1.8) + zeitwerk (2.6.6) zip-codes (0.2.1) GEM @@ -827,7 +732,7 @@ PLATFORMS DEPENDENCIES aasm - activestorage (~> 5.2) + activestorage (~> 6.0.0) amqp (= 0.9.8) auto_strip_attributes (= 2.6.0) aws-sdk (~> 1) @@ -850,23 +755,23 @@ DEPENDENCIES devise elasticsearch em-websocket (>= 0.4.0) - email_validator (= 1.6.0) + email_validator eventmachine (= 1.2.3) execjs (= 2.6.0) factory_girl_rails faker (= 1.3.0) - faraday (= 0.9.2) + faraday + faraday-multipart fog - fog-brightbox (= 0.11.0) + fog-brightbox fpm (= 1.14.1) geokit-rails god gon (~> 4.1.0) google-api-client - haml (= 5.1.2) - haml-rails (= 1.0.0) + haml-rails htmlentities - icalendar (= 2.4.0) + icalendar influxdb (= 0.3.14) influxdb-rails (= 0.1.12) iso-639 @@ -880,12 +785,14 @@ DEPENDENCIES launchy (= 2.1.1) listen (>= 3.0.5, < 3.2) logging (= 1.7.2) + mimemagic (~> 0.3.6) multi_json + net-ssh netaddr (= 1.5.1) newrelic_rpm - nokogiri (= 1.10.10) + nokogiri non-stupid-digest-assets - oj (= 3.1.3) + oj omniauth omniauth-facebook omniauth-google-oauth2 (= 0.8.2) @@ -898,10 +805,10 @@ DEPENDENCIES protected_attributes_continued pry puma - rabl (= 0.13.1) + rabl (= 0.16.1) rack-cors (~> 1.0, >= 1.0.6) rack-test - rails (= 5.2.0) + rails (= 6.0.6) rails-assets-bluebird! rails-assets-classnames! rails-assets-react-select! @@ -911,8 +818,8 @@ DEPENDENCIES rails-observers react-rails (= 1.3.3) recurly (= 2.18.16) - redis (= 3.3.3) - redis-namespace (= 1.5.3) + redis + redis-namespace responders resque resque-dynamic-queues @@ -926,12 +833,11 @@ DEPENDENCIES retriable (= 3.0.1) rspec-collection_matchers rspec-rails - ruby-prof (= 0.15.9) + ruby-prof ruby-protocol-buffers (= 1.2.2) - rubyzip (= 1.2.1) + rubyzip sanitize - sass (= 3.5.5) - sass-rails (= 5.0.7) + sass-rails selenium-webdriver sendgrid (= 1.2.0) sendgrid_toolkit (>= 1.1.1) @@ -957,10 +863,11 @@ DEPENDENCIES webmock (~> 3.11, >= 3.11.2) webpacker (= 4.3.0) will_paginate + xmlrpc zip-codes RUBY VERSION - ruby 2.4.1p111 + ruby 2.5.7p206 BUNDLED WITH - 2.3.12 + 2.3.26 diff --git a/web/app/assets/javascripts/JamServer.js b/web/app/assets/javascripts/JamServer.js index a23989315..f1888fedb 100644 --- a/web/app/assets/javascripts/JamServer.js +++ b/web/app/assets/javascripts/JamServer.js @@ -767,6 +767,7 @@ }; server.onMessage = function (e) { + logger.debug("server.onMessage", e.data); var message = JSON.parse(e.data), messageType = message.type.toLowerCase(), payload = message[messageType], diff --git a/web/app/assets/javascripts/jamsocket.js b/web/app/assets/javascripts/jamsocket.js index 761034b22..28293e03f 100644 --- a/web/app/assets/javascripts/jamsocket.js +++ b/web/app/assets/javascripts/jamsocket.js @@ -36,6 +36,7 @@ // Write your code in the same way as for native WebSocket: var ws = new context.WebSocket(context.gon.websocket_gateway_uri); ws.onopen = function() { + context.alert("websocket connection opened"); var token = $.cookie("remember_token"); // there is a chance the token is invalid at this point // but if it is, login should fail, and we can catch that as an error diff --git a/web/bin/setup b/web/bin/setup index 94fd4d797..5853b5ea8 100755 --- a/web/bin/setup +++ b/web/bin/setup @@ -1,6 +1,5 @@ #!/usr/bin/env ruby require 'fileutils' -include FileUtils # path to your application root. APP_ROOT = File.expand_path('..', __dir__) @@ -9,24 +8,25 @@ def system!(*args) system(*args) || abort("\n== Command #{args} failed ==") end -chdir APP_ROOT do - # This script is a starting point to setup your application. +FileUtils.chdir APP_ROOT do + # This script is a way to setup or update your development environment automatically. + # This script is idempotent, so that you can run it at anytime and get an expectable outcome. # Add necessary setup steps to this file. puts '== Installing dependencies ==' system! 'gem install bundler --conservative' system('bundle check') || system!('bundle install') - # Install JavaScript dependencies if using Yarn + # Install JavaScript dependencies # system('bin/yarn') # puts "\n== Copying sample files ==" # unless File.exist?('config/database.yml') - # cp 'config/database.yml.sample', 'config/database.yml' + # FileUtils.cp 'config/database.yml.sample', 'config/database.yml' # end puts "\n== Preparing database ==" - system! 'bin/rails db:setup' + system! 'bin/rails db:prepare' puts "\n== Removing old logs and tempfiles ==" system! 'bin/rails log:clear tmp:clear' diff --git a/web/config/environments/development.rb b/web/config/environments/development.rb index ff7deeac4..a417d9ed9 100644 --- a/web/config/environments/development.rb +++ b/web/config/environments/development.rb @@ -27,6 +27,7 @@ Rails.application.configure do # Run rails dev:cache to toggle caching. if Rails.root.join('tmp', 'caching-dev.txt').exist? config.action_controller.perform_caching = true + config.action_controller.enable_fragment_cache_logging = true config.cache_store = :memory_store config.public_file_server.headers = { @@ -70,6 +71,8 @@ Rails.application.configure do # routes, locales, etc. This feature depends on the listen gem. config.file_watcher = ActiveSupport::EventedFileUpdateChecker + config.hosts << "www.jamkazam.local" + #==================== # Log error messages when you accidentally call methods on nil. config.whiny_nils = true diff --git a/web/config/initializers/content_security_policy.rb b/web/config/initializers/content_security_policy.rb index d3bcaa5ec..35d0f26fc 100644 --- a/web/config/initializers/content_security_policy.rb +++ b/web/config/initializers/content_security_policy.rb @@ -11,6 +11,8 @@ # policy.object_src :none # policy.script_src :self, :https # policy.style_src :self, :https +# # If you are using webpack-dev-server then specify webpack-dev-server host +# policy.connect_src :self, :https, "http://localhost:3035", "ws://localhost:3035" if Rails.env.development? # # Specify URI for violation reports # # policy.report_uri "/csp-violation-report-endpoint" @@ -19,6 +21,9 @@ # If you are using UJS then enable automatic nonce generation # Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) } +# Set the nonce only to specific directives +# Rails.application.config.content_security_policy_nonce_directives = %w(script-src) + # Report CSP violations to a specified URI # For further information see the following documentation: # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only diff --git a/web/config/initializers/new_framework_defaults_6_0.rb b/web/config/initializers/new_framework_defaults_6_0.rb new file mode 100644 index 000000000..92240ef5f --- /dev/null +++ b/web/config/initializers/new_framework_defaults_6_0.rb @@ -0,0 +1,45 @@ +# Be sure to restart your server when you modify this file. +# +# This file contains migration options to ease your Rails 6.0 upgrade. +# +# Once upgraded flip defaults one by one to migrate to the new default. +# +# Read the Guide for Upgrading Ruby on Rails for more info on each option. + +# Don't force requests from old versions of IE to be UTF-8 encoded. +# Rails.application.config.action_view.default_enforce_utf8 = false + +# Embed purpose and expiry metadata inside signed and encrypted +# cookies for increased security. +# +# This option is not backwards compatible with earlier Rails versions. +# It's best enabled when your entire app is migrated and stable on 6.0. +# Rails.application.config.action_dispatch.use_cookies_with_metadata = true + +# Change the return value of `ActionDispatch::Response#content_type` to Content-Type header without modification. +# Rails.application.config.action_dispatch.return_only_media_type_on_content_type = false + +# Return false instead of self when enqueuing is aborted from a callback. +# Rails.application.config.active_job.return_false_on_aborted_enqueue = true + +# Send Active Storage analysis and purge jobs to dedicated queues. +# Rails.application.config.active_storage.queues.analysis = :active_storage_analysis +# Rails.application.config.active_storage.queues.purge = :active_storage_purge + +# When assigning to a collection of attachments declared via `has_many_attached`, replace existing +# attachments instead of appending. Use #attach to add new attachments without replacing existing ones. +# Rails.application.config.active_storage.replace_on_assign_to_many = true + +# Use ActionMailer::MailDeliveryJob for sending parameterized and normal mail. +# +# The default delivery jobs (ActionMailer::Parameterized::DeliveryJob, ActionMailer::DeliveryJob), +# will be removed in Rails 6.1. This setting is not backwards compatible with earlier Rails versions. +# If you send mail in the background, job workers need to have a copy of +# MailDeliveryJob to ensure all delivery jobs are processed properly. +# Make sure your entire app is migrated and stable on 6.0 before using this setting. +# Rails.application.config.action_mailer.delivery_job = "ActionMailer::MailDeliveryJob" + +# Enable the same cache key to be reused when the object being cached of type +# `ActiveRecord::Relation` changes by moving the volatile information (max updated at and count) +# of the relation's cache key into the cache version to support recycling cache key. +# Rails.application.config.active_record.collection_cache_versioning = true diff --git a/web/config/puma.rb b/web/config/puma.rb index a5eccf816..5ed443774 100644 --- a/web/config/puma.rb +++ b/web/config/puma.rb @@ -4,8 +4,9 @@ # the maximum value specified for Puma. Default is set to 5 threads for minimum # and maximum; this matches the default thread size of Active Record. # -threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 } -threads threads_count, threads_count +max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 } +min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count } +threads min_threads_count, max_threads_count # Specifies the `port` that Puma will listen on to receive requests; default is 3000. # @@ -15,8 +16,11 @@ port ENV.fetch("PORT") { 3000 } # environment ENV.fetch("RAILS_ENV") { "development" } +# Specifies the `pidfile` that Puma will use. +pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" } + # Specifies the number of `workers` to boot in clustered mode. -# Workers are forked webserver processes. If using threads and workers together +# Workers are forked web server processes. If using threads and workers together # the concurrency of the application would be max `threads` * `workers`. # Workers do not work on JRuby or Windows (both of which do not support # processes). diff --git a/websocket-gateway/lib/jam_websockets/router.rb b/websocket-gateway/lib/jam_websockets/router.rb index fbb2b70dd..7dedfca41 100644 --- a/websocket-gateway/lib/jam_websockets/router.rb +++ b/websocket-gateway/lib/jam_websockets/router.rb @@ -492,7 +492,7 @@ module JamWebsockets websocket_comm(client, nil) do client.x_forwarded_for = handshake.headers["X-Forwarded-For"] client.query = handshake.query - handle_login(client, client.query, client.x_forwarded_for) + #handle_login(client, client.query, client.x_forwarded_for) end } } @@ -645,7 +645,9 @@ module JamWebsockets client.query["token"] = client_msg.login.token client.query["username"] = client_msg.login.username client.query["password"] = client_msg.login.password - time_it('login') { handle_login(client, client.query, client.x_forwarded_for, false) } + time_it('login') { + #handle_login(client, client.query, client.x_forwarded_for, false) + } elsif client_msg.type == ClientMessage::Type::LOGOUT # this is currently only a jamblaster path time_it('login') { handle_logout(client) } @@ -1237,7 +1239,7 @@ module JamWebsockets if !token.nil? && token != '' @log.debug "logging in via token" # attempt login with token - user = User.find_by_remember_token(token) + user = User.find_by(remember_token: token) if user.nil? @log.debug "no user found with token #{token}"