Since 9c913116c634fe5fe2159a94b8f1a244801a4877, if you run `rackup`
in a machine that doesn't have that folder, the server will not start.
This doesn't happen on `rails s` because we create that folder when
starting the server on
8c8b02784a/railties/lib/rails/commands/server/server_command.rb (L70-L74).
Didn't like the complicated stuff that happened on credentials:edit. It
would append to .gitattributes multiple times. Though I see why it was
written that way.
I'm cutting off for now, but since this new flow would require each developer
to run --enable perhaps this should really be:
1. Developer enrolls Rails app by running `credentials:diff --enable`
2. credentials:edit checks .gitattributes for `diff=rails_credentials` and
if the current file is covered by that.
3. If so, set up the "rails_credentials" driver automatically.
Helpers is more for sharing between commands. Since `Diffing` is only
for credentials we should just keep it only for credentials.
Replaces "pretty" with diffing since the former is ambiguous, while
diffing captures what it does. `opt_in` seemed clunky so it's swapped
for the one-word enable.
Usually the application requires the entire active support at load time
but the configuration happens before it is loaded. For that reason we
need to require the core_ext that we want to use in this file.
In most cases it works now without explicit require because it's accidentally required through
active_support/core_ext/date_and_time/calculations.rb where we still call `try`,
but that would stop working if we changed the Calculations implementation and remove the require call there.
- @sinsoku had the idea and started implementing it few months ago
but sadly didn't finish it.
This PR is taking over his work.
The credentials feature has changed a lot since @sinsoku opened hi
PR, it was easier to just restart from scratch instead of checking
out his branch.
Sinsoku will get all the credit he deserves for this idea :)
TL;DR on that that feature is to make the `git diff` or `git log`
of encrypted files to be readable.
The previous implementation was only setting up the git required
configuration for the first time Rails was bootstraped, so I decided
to instead provide the user a choice to opt-in for readable diff
credential whenever a user types the `bin/rails credentials:edit`
command.
The question won't be asked in the future the user has already
answered or if the user already opted in.
Co-authored-by: Takumi Shotoku <insoku.listy@gmail.com>
* read config/webpacker.yml to determine which path to exclude for zeitwerk:check
* fix test errors
* more changes to fix test errors
* refactor webpacker_path
[Andrew Kress + Rafael Mendonça França]
All other recommended new configurations that set in `load_defaults` are
already mentioned in `new_framework_defaults.rb`.
So `active_record.collection_cache_versioning` should also be mentioned.
- If we create the deprecation before the new class is defined this
creates an issue in case you use a `TracePoint`. The
`Tracepoint#return_value` will try to get the new class constant
resulting in a uninitialized constant Rails::SourceAnnotationExtractor
The problem can be reproduced like this:
```ruby
@defined = Set.new
ANONYMOUS_CLASS_DEFINITION_TRACEPOINT = TracePoint.new(:c_return) do |tp|
next unless @defined.add?(tp.return_value)
end
ANONYMOUS_CLASS_DEFINITION_TRACEPOINT.enable
require 'rails'
require "rails/source_annotation_extractor"
```
Assigning to a collection of attachments appends rather than replacing, as in 5.2. Existing 5.2 apps that rely on this behavior will no longer break when they're upgraded to 6.0.
For apps generated on 6.0 or newer, assigning replaces the existing attachments in the collection. #attach should be used to add new attachments to the collection without removing existing ones.
I expect that we'll deprecate the old behavior in 6.1.
Closes#36374.
A HTTP feature policy is Yet Another HTTP header for instructing the
browser about which features the application intends to make use of and
to lock down access to others. This is a new security mechanism that
ensures that should an application become compromised or a third party
attempts an unexpected action, the browser will override it and maintain
the intended UX.
WICG specification: https://wicg.github.io/feature-policy/
The end result is a HTTP header that looks like the following:
```
Feature-Policy: geolocation 'none'; autoplay https://example.com
```
This will prevent the browser from using geolocation and only allow
autoplay on `https://example.com`. Full feature list can be found over
in the WICG repository[1].
As of today Chrome and Safari have public support[2] for this
functionality with Firefox working on support[3] and Edge still pending
acceptance of the suggestion[4].
#### Examples
Using an initializer
```rb
# config/initializers/feature_policy.rb
Rails.application.config.feature_policy do |f|
f.geolocation :none
f.camera :none
f.payment "https://secure.example.com"
f.fullscreen :self
end
```
In a controller
```rb
class SampleController < ApplicationController
def index
feature_policy do |f|
f.geolocation "https://example.com"
end
end
end
```
Some of you might realise that the HTTP feature policy looks pretty
close to that of a Content Security Policy; and you're right. So much so
that I used the Content Security Policy DSL from #31162 as the starting
point for this change.
This change *doesn't* introduce support for defining a feature policy on
an iframe and this has been intentionally done to split the HTTP header
and the HTML element (`iframe`) support. If this is successful, I'll
look to add that on it's own.
Full documentation on HTTP feature policies can be found at
https://wicg.github.io/feature-policy/. Google have also published[5] a
great in-depth write up of this functionality.
[1]: https://github.com/WICG/feature-policy/blob/master/features.md
[2]: https://www.chromestatus.com/feature/5694225681219584
[3]: https://bugzilla.mozilla.org/show_bug.cgi?id=1390801
[4]: https://wpdev.uservoice.com/forums/257854-microsoft-edge-developer/suggestions/33507907-support-feature-policy
[5]: https://developers.google.com/web/updates/2018/06/feature-policy
Until Rails 5.2, generators can run same name multi times without destroying.
But Rails 6.0(with Zeitwerk) can't this. In Rails 6.0, an error occurs
due to class name collision check.
The check uses `const_defined?`, which assumes that the autoload object
is also defined.
https://ruby-doc.org/core-2.6.3/Module.html#method-i-const_defined-3F
It did not work until Rails 5.2, but Zeitwerk seems to be able to
correctly check this against the application's code.
However, this is a little inconvenient if want to run the generator
again like mistake an attribute name(need to run `destoy` before).
In order to solve this, this PR adds an option to skip the collision check.
With this option, you can overwrite files just as did until Rails 5.2.
I changed to set CSP nonce to `style-src` directive in #32932.
But this causes an issue when `unsafe-inline` is specified to `style-src`
(If a nonce is present, a nonce takes precedence over `unsafe-inline`).
So, I fixed to nonce directives configurable. By configure this, users
can make CSP as before.
Fixes#35137.
I changed return value of `ActionDispatch::Response#content_type` in #36034.
But this change seems to an obstacle to upgrading. https://github.com/rails/rails/pull/36034#issuecomment-498795893
Therefore, I restored the behavior of `ActionDispatch::Response#content_type`
to 5.2 and deprecated old behavior. Also, made it possible to control the
behavior with the config.
Previously it was only possible to specify the location of the pidfile
for the 'rails server' command with the '-P' flag. This adds support for
specifying the pidfile using a PIDFILE env var, which can still be
overridden by the '-P' flag and with the default pidfile path unchanged.
The motivation for this feature comes from using Docker to run multiple
instances of the same rails app. When developing a rails app with
Docker, it's common to bind-mount the rails root directory in the
running container, so that changes to files are shared between the
container and the host. However, this doesn't work so well with the
pidfile and it's necessary to (remember to) add a '-P' flag to the
'rails server' command line; being able to specify this flag using an
env var would make developing with Rails+Docker a bit simpler.
`spring-watcher-listen` watch application root by default.
c4bfe15805/lib/spring/watcher/listen.rb (L58)
This is necessary to watch the file (e.g. `.ruby-version`) in the
application root.
By this `node_modules` also be watched, and it is a possibility to be
shown a warning by `listen`.
Related to #32700, #34912, https://github.com/rails/webpacker/issues/1990.
`listen` watches directory recursive by default, and it cannot avoid it.
https://github.com/guard/listen/issues/111
So If this warning happens, the only workaround the user can do is remove
the gem.
The issue is likely to occur more frequently in Rails 6 because
`rails new` runs `webpacker:install` by default. Because of such a
state, I think that we should not recommend to use
`spring-watcher-listen`.
Spring has polling watcher, restart process works without this
`spring-watcher-listen`.
Because of polling base, CPU load may be higher than listen base. Still
I think that it is better than the warning comes out.
*sigh* this seems like the never ending bug. I don't love or even like
this fix but it does _work_.
Rafael suggested using `dummy_key: dummy_value` but unfortunately
that doesn't work. So we're left with checking whethere there might be
ternary type things in the content and then assuming that we want to
replace the line with a key value pair.
Technically fixes https://github.com/rails/rails/issues/36088
This is the behavior I naively expect for the operator when used with a
single digit, but it's definitely an edge case for it, and it doesn't
seem to work as expected for including prereleases.
Using >= works fine and make the intention more clear anyways.
The virtual attributes(`attachment` and `rich_text`) can't set value
with `fill_in`. So avoid using it. Once #35885 is merged, will be
modified to use it.
Also, add checking attachment attached or not for avoiding
`DelegationError` when attachment didn't attach.
As suggested in https://github.com/rails/rails/issues/35602#issuecomment-485833483, because we don't provide view caching and doesn't include `ActionController::Caching` for api apps, we should also avoid generating
```ruby
config.action_controller.perform_caching = true
```
for those api apps. So it won't confuse people.
**But because `perform_caching` will be `true` if not set, the behavior of the app would still be the same without these configs.**
- Also deprecate passing {required} to the model generator.
- Also made sure the global config `belongs_to_required_by_default` is
applied correctly to the model generator for `null: false` option.
`bin/setup` and `bin/update` are currently almost the same file. The
only thing that keeps them apart is that one is running `bin/rails
db:setup` and the other `bin/rails db:migrate`.
I'm suggesting here that they should be a unique script, which needs to
be idempotent.
- New to a project, need to get started? `bin/setup`
- Need to install new dependencies that were added recently? `bin/setup`.
Before deprecating `bin/update`, I'm suggesting we just have it call
`bin/setup`.
Cache versioning enables the same cache key to be reused when the object
being cached changes by moving the volatile part of the cache key out of
the cache key and into a version that is embedded in the cache entry.
This is already occurring when the object being cached is an
`ActiveRecord::Base`, but when caching an `ActiveRecord::Relation`
we are currently still putting the volatile information (max updated at
and count) as part of the cache key.
This PR moves the volatile part of the relations `cache_key` into the
`cache_version` to support recycling cache keys for
`ActiveRecord::Relation`s.
d8d6bd5 makes fixture loading to bulk statements by using
`execute_batch` for sqlite3 adapter. But `execute_batch` is slower and
it caused the performance regression for fixture loading.
In sqlite3 1.4.0, it have new batch method `execute_batch2`. I've
confirmed `execute_batch2` is extremely faster than `execute_batch`.
So I think it is worth to upgrade sqlite3 to 1.4.0 to use that method.
Before:
```
% ARCONN=sqlite3 bundle exec ruby -w -Itest test/cases/associations/eager_test.rb -n test_eager_loading_too_may_ids
Using sqlite3
Run options: -n test_eager_loading_too_may_ids --seed 35790
# Running:
.
Finished in 202.437406s, 0.0049 runs/s, 0.0049 assertions/s.
1 runs, 1 assertions, 0 failures, 0 errors, 0 skips
ARCONN=sqlite3 bundle exec ruby -w -Itest -n test_eager_loading_too_may_ids 142.57s user 60.83s system 98% cpu 3:27.08 total
```
After:
```
% ARCONN=sqlite3 bundle exec ruby -w -Itest test/cases/associations/eager_test.rb -n test_eager_loading_too_may_ids
Using sqlite3
Run options: -n test_eager_loading_too_may_ids --seed 16649
# Running:
.
Finished in 8.471032s, 0.1180 runs/s, 0.1180 assertions/s.
1 runs, 1 assertions, 0 failures, 0 errors, 0 skips
ARCONN=sqlite3 bundle exec ruby -w -Itest -n test_eager_loading_too_may_ids 10.71s user 1.36s system 95% cpu 12.672 total
```
During initialization, the eager load paths of engines are unshifted
into AS::Dependencies.autoload_paths. After that, the collection is
frozen. (See the initializers in railties/lib/rails/engine.rb.)
Hence, there is no eager load path that is not an autoload path too, and
so the array difference in the deleted code is always an empty array.
Just do nothing.
A long-running `rails console --sandbox` could cause a database server
to become out-of-memory as it's holding on to changes that happen on the
database.
Given that it's common for Ruby on Rails application with huge
traffic to have separate write database and read database, we should
allow the developers to disable this sandbox option to prevent someone
from accidentally causing the Denial-of-Service on their server.
Since `secret_key_base` is expected to be included in credential file,
`secret_key_base` should be included even if re-create the file. This is
the same behavior as creating a new app.
When env is specified, it may be unnecessary, so I added it only when not
specifying env.
Since 3777701f1380f3814bd5313b225586dec64d4104, the environment's name is
automatically expanded in console and dbconsole commands.
In order to match the behavior between the commands, fixes it to have the
same behavior of all the commands.
This behavior is defined in `EnvironmentArgument`. Since
`EnvironmentArgument` also defines the environment option, it is reused.
However, since desc was not content that can be used in all comments,
fixed desc to be defined for each command.
The tmp directory is added to version control in the newly created
application. This was added in Rails 5.0.0(f06ce4c12a).
However, applications created before that are not guaranteed to have the
tmp directory. If the tmp directory does not exist, writing to the key file
raise error.
This is a bit incompatible. So I fixed that create the directory before
writing a key.
This streamlines the lovely foundation Bogdan added. Mainly to add
guidance around encryption keys and remove some backticks.
Finally it adds some mention of how to access these files from Ruby
in apps.
[ Kasper Timm Hansen & bogdanvlviv ]
Sample example ->
Before:
prathamesh@Prathameshs-MacBook-Pro-2 blog *$ rails server thin
DEPRECATION WARNING: Passing the Rack server name as a regular argument is deprecated
and will be removed in the next Rails version. Please, use the -u
option instead.
After:
prathamesh@Prathameshs-MacBook-Pro-2 squish_app *$ rails server thin
DEPRECATION WARNING: Passing the Rack server name as a regular argument is deprecated and will be removed in the next Rails version. Please, use the -u option instead.
If the secret_key_base is nil in dev or test generate a key from random
bytes and store it in a tmp file. This prevents the app developers from
having to share / checkin the secret key for dev / test but also
maintains a key between app restarts in dev/test.
[CVE-2019-5420]
Co-Authored-By: eileencodes <eileencodes@gmail.com>
Co-Authored-By: John Hawthorn <john@hawthorn.email>
This change adds a new method that loads the YAML for the database
config without parsing the ERB. This may seem odd but bear with me:
When we added the ability to have rake tasks for multiple databases we
started looping through the configurations to collect the namespaces so
we could do `rake db:create:my_second_db`. See #32274.
This caused a problem where if you had `Rails.config.max_threads` set in
your database.yml it will blow up because the environment that defines
`max_threads` isn't loaded during `rake -T`. See #35468.
We tried to fix this by adding the ability to just load the YAML and
ignore ERB all together but that caused a bug in GitHub's YAML loading
where if you used multi-line ERB the YAML was invalid. That led us to
reverting some changes in #33748.
After trying to resolve this a bunch of ways `@tenderlove` came up with
replacing the ERB values so that we don't need to load the environment
but we also can load the YAML.
This change adds a DummyCompiler for ERB that will replace all the
values so we can load the database yaml and create the rake tasks.
Nothing else uses this method so it's "safe".
DO NOT use this method in your application.
Fixes#35468
Rails.autoloader and Rails.once_autoloader was just tentative API good
enough for a first patch. Rails.autoloader is singular and does not
convey in its name that there is another autoloader. That might be
confusing, for example if you set a logger and miss traces. On the other
hand, the name `once_autoloader` is very close to being horrible.
Rails.autoloaders.main and Rails.autoloaders.once read better for my
taste, and have a nice symmetry. Also, both "main" and "once" are four
letters long, short and same length.
They are tagged as "rails.main" and "rails.once", respectively.
References #35235.
- If you have hashes inside array, the hashes were getting initialized
as regular HWIA wereas we want them to be
NonSymbolAccessDeprecatedHash in order to trigger a deprecation
warning when keys are accessed with string.
This patch fixes that by overwriting the `[]=` to to the same
as what HWIA does (with the difference that we don't call
`convert_key` to not trigger a deprecation when setting value).
I also took the liberty to extract `hash.nested_under_indifferent_access`,
into a separate method to allow subclasses to return whatever
they want.
Inheriting HWIA is not common, but I think it's useful for cases
like this one where we want to preprocess reading and writing values
in the hash (for deprecation purposes or other reasons).
A change to `Rails::Application.config_for` in
https://github.com/rails/rails/pull/33815 and
https://github.com/rails/rails/pull/33882 has altered the behaviour of
the returned object in a breaking manner. Before that change, nested
hashes returned from `config_for` could be accessed using non-symbol keys.
After the change, all keys are recursively symbolized so non-symbol access
fails to read the expected values.
This is a breaking change for any app that might be relying on the
nested hashes returned from `config_for` calls, and thus should be
deprecated before being removed from the codebase.
This commit introduces a temporary `NonSymbolAccessDeprecatedHash` class
that recursively wraps any nested hashes inside the `OrderedOptions`
object returned from `config_for` and issues a deprecation notice when a
non-symbol based access is performed.
This way, apps that are still relying on the ability to access these
nested hashes using non-symbol keys will be able to observe the
deprecation notices and have time to implement changes before non-symbol
access is removed for good.
A CHANGELOG entry is also added to note that non-symbol access to nested
`config_for` hashes is deprecated.
The following PR adds behavior to Rails to allow an application to
automatically switch it's connection from the primary to the replica.
A request will be sent to the replica if:
* The request is a read request (`GET` or `HEAD`)
* AND It's been 2 seconds since the last write to the database (because
we don't want to send a user to a replica if the write hasn't made it
to the replica yet)
A request will be sent to the primary if:
* It's not a GET/HEAD request (ie is a POST, PATCH, etc)
* Has been less than 2 seconds since the last write to the database
The implementation that decides when to switch reads (the 2 seconds) is
"safe" to use in production but not recommended without adequate testing
with your infrastructure. At GitHub in addition to the a 5 second delay
we have a curcuit breaker that checks the replication delay
and will send the query to a replica before the 5 seconds has passed.
This is specific to our application and therefore not something Rails
should be doing for you. You'll need to test and implement more robust
handling of when to switch based on your infrastructure. The auto
switcher in Rails is meant to be a basic implementation / API that acts
as a guide for how to implement autoswitching.
The impementation here is meant to be strict enough that you know how to
implement your own resolver and operations classes but flexible enough
that we're not telling you how to do it.
The middleware is not included automatically and can be installed in
your application with the classes you want to use for the resolver and
operations passed in. If you don't pass any classes into the middleware
the Rails default Resolver and Session classes will be used.
The Resolver decides what parameters define when to
switch, Operations sets timestamps for the Resolver to read from. For
example you may want to use cookies instead of a session so you'd
implement a Resolver::Cookies class and pass that into the middleware
via configuration options.
```
config.active_record.database_selector = { delay: 2.seconds }
config.active_record.database_resolver = MyResolver
config.active_record.database_operations = MyResolver::MyCookies
```
Your classes can inherit from the existing classes and reimplment the
methods (or implement more methods) that you need to do the switching.
You only need to implement methods that you want to change. For example
if you wanted to set the session token for the last read from a replica
you would reimplement the `read_from_replica` method in your resolver
class and implement a method that updates a new timestamp in your
operations class.
Rails generates `test/channels`(#34933) and
even allows `rails test:channels` (#34947).
`rails stats` has been providing info about `app/channels`,
it makes sense to add `test/channels` as well.
(I've changed test because we generate `test/channels` with some code)
We need this in order to be able to add this migration for users that
use ActiveStorage during update their apps from Rails 5.2 to Rails 6.0.
Related to #33405
`rake app:update` should update active_storage
`rake app:update` should execute `rake active_storage:update`
if it is used in the app that is being updated.
It will add new active_storage's migrations to users' apps during update Rails.
Context https://github.com/rails/rails/pull/33405#discussion_r204239399
Also, see a related discussion in the Campfire:
https://3.basecamp.com/3076981/buckets/24956/chats/12416418@1236713081
Follow up to: e0d3313
- Revert renames from `encrypted` and `encrypted_file` back to `credentials`.
They might be using our Encrypted* generators but from that level of abstraction
they're still about credentials.
- Same vein: extract a `credentials` method for the `encrypted` local variable. But
don't call it `encrypted` just because it uses that under the hood. It's about
capturing the credentials. It's also useful in `change_credentials_in_system_editor`.
- Remove lots of needless argument passing. We've abstracted content_path and key_path
into methods for a reason, so they should be used. Also spares a conspicuous rename
of content_path into file_path in other methods.
- Reorders private methods so they're grouped into: command building blocks, option
parsers, and the generators.
- Extracts commonality in the credentials application tests. A tad unsure about this.
But I do like that we go with key, content thus matching the command and remove the
yield which isn't really needed.
- Moves test/credentials_test.rb to beneath the test/application directory. It's a
Rails application test, so it should be in there.
- Uses `root.join` — a neat trick gleaned from the tests! — and composes the configuration
private methods such that the building block is below the callers.
Also, add mention to `new_framework_defaults_6_0.rb` that
`ActionMailer::Parameterized::DeliveryJob` is default for parameterized mail
and will be removed.
Related to #34692
In comments in templates for `config/database.yml`, there is a
reference to `secrets.yml` which is now deprecated.
They should be replaced with `credentials.yml` so that everyone
using latest Rails can understand.
Add `rails db:system:change` command for changing databases.
```
bin/rails db:system:change --to=postgresql
force config/database.yml
gsub Gemfile
```
The change command copies a template `config/database.yml` with
the target database adapter into your app, and replaces your database
gem with the target database gem.
* Enable `Lint/UselessAssignment` cop to avoid unused variable warnings
Since we've addressed the warning "assigned but unused variable"
frequently.
370537de05092aeea552146b42042833212a1acc
3040446cece8e7a6d9e29219e636e13f180a1e03
5ed618e192e9788094bd92c51255dda1c4fd0eae
76ebafe594fc23abc3764acc7a3758ca473799e5
And also, I've found the unused args in c1b14ad which raises no warnings
by the cop, it shows the value of the cop.
When generating a new rails application (rails new) using a custom template that
includes gems from an authenticated source, the user has to provide credentials to
bundler.
One way to do this is by exporting environment variables, for example:
export BUNDLE_GITHUB__COM=user:pass: provides credentials for bundler to fetch
gems from github.com.
The problem this PR addresses is that we are currently scrubs all /BUNDLE_.*/
environment variables by wrapping our system calls in Bundler.with_clean_env.
We do this because we don't want our commands executed against the generated project
to use the generator's bundler environment (e.g. our gems): the generated project should
use it's own configuration.
The problem with Bundler.with_clean_env is that, on top of restoring environment
variables to their original state, it also scrubs any /BUNDLE_.*/ variables, which is harmful for authenticated gem sources.
This PR replaces Bundler.with_clean_env with Bundler.with_original_env, which only
restores environment variables to their initial state, without additional scrubbing.
We had a discussion on the Core team and we don't want to expose this information
as a JSON endpoint and not by default.
It doesn't make sense to expose this JSON locally and this controller is only
accessible in dev, so the proposed access from a production app seems off.
This reverts commit 8eaffe7e89719ac62ff29c2e4208cfbeb1cd1c38, reversing
changes made to 133e0ba33db5887b047c9ac8233e5b414657bca5.
We had a discussion on the Core team and we don't want to expose this information
as a JSON endpoint and not by default.
It doesn't make sense to expose this JSON locally and this controller is only
accessible in dev, so the proposed access from a production app seems off.
This reverts commit 8eaffe7e89719ac62ff29c2e4208cfbeb1cd1c38, reversing
changes made to b6e4305c3bca4c673996d0af9db0f4cfbf50215e.
**before**
```
$ ./bin/rails g g
Could not find generator 'g'. Maybe you meant nil?
Run `rails generate --help` for more options.
```
**after**
```
$ ./bin/rails g g
Could not find generator 'g'.
Run `rails generate --help` for more options.
```
