From e14002ed10fb15946a9795c08dd083ecfece45cc Mon Sep 17 00:00:00 2001 From: Jan Graichen Date: Mon, 25 Nov 2024 14:36:45 +0100 Subject: [PATCH] feat: Upgrade to Rails 8.0 --- Gemfile | 4 +- Gemfile.lock | 142 ++++++++-------- bin/bundle | 28 +-- bin/dev | 4 + bin/rails | 2 + bin/rake | 2 + bin/rubocop | 2 + bin/setup | 19 +-- config/application.rb | 5 +- config/environments/development.rb | 26 ++- config/environments/production.rb | 56 +++--- config/environments/test.rb | 32 ++-- .../initializers/content_security_policy.rb | 7 +- config/puma.rb | 38 +++-- public/400.html | 135 +++++++++++++++ public/404.html | 160 ++++++++++++------ public/406-unsupported-browser.html | 156 ++++++++++++----- public/422.html | 160 ++++++++++++------ public/500.html | 160 ++++++++++++------ public/icon.png | Bin 5599 -> 4166 bytes public/icon.svg | 4 +- 21 files changed, 758 insertions(+), 384 deletions(-) create mode 100755 bin/dev create mode 100644 public/400.html diff --git a/Gemfile b/Gemfile index 93d9b19a..f2e1bcaf 100644 --- a/Gemfile +++ b/Gemfile @@ -8,10 +8,10 @@ gem "config", "~> 5.5" gem "dry-validation", "~> 1.10" gem "forked", "~> 0.1.2" gem "puma", "~> 6.4" -gem "rails", "~> 7.2.0" +gem "rails", "~> 8.0.0" gem "unicorn", "~> 6.0" -gem "active_record_upsert", github: "jesjos/active_record_upsert", ref: "c3e07ae" +gem "active_record_upsert", github: "jesjos/active_record_upsert", ref: "5b2769eb5ec089665e5a099c151401d5ba14c104" gem "bulk_insert", "~> 1.8" gem "hutch", "~> 1.1" diff --git a/Gemfile.lock b/Gemfile.lock index 8e43f7a4..b0848063 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,79 +1,78 @@ GIT remote: https://github.com/jesjos/active_record_upsert.git - revision: c3e07aecf28d6a81a06fcada4710b103dfca823b - ref: c3e07ae + revision: 5b2769eb5ec089665e5a099c151401d5ba14c104 + ref: 5b2769eb5ec089665e5a099c151401d5ba14c104 specs: active_record_upsert (0.11.2) - activerecord (>= 5.2, < 8.0) + activerecord (>= 5.2, < 8.1) pg (>= 0.18, < 2.0) GEM remote: https://rubygems.org/ specs: - actioncable (7.2.2) - actionpack (= 7.2.2) - activesupport (= 7.2.2) + actioncable (8.0.0) + actionpack (= 8.0.0) + activesupport (= 8.0.0) nio4r (~> 2.0) websocket-driver (>= 0.6.1) zeitwerk (~> 2.6) - actionmailbox (7.2.2) - actionpack (= 7.2.2) - activejob (= 7.2.2) - activerecord (= 7.2.2) - activestorage (= 7.2.2) - activesupport (= 7.2.2) + actionmailbox (8.0.0) + actionpack (= 8.0.0) + activejob (= 8.0.0) + activerecord (= 8.0.0) + activestorage (= 8.0.0) + activesupport (= 8.0.0) mail (>= 2.8.0) - actionmailer (7.2.2) - actionpack (= 7.2.2) - actionview (= 7.2.2) - activejob (= 7.2.2) - activesupport (= 7.2.2) + actionmailer (8.0.0) + actionpack (= 8.0.0) + actionview (= 8.0.0) + activejob (= 8.0.0) + activesupport (= 8.0.0) mail (>= 2.8.0) rails-dom-testing (~> 2.2) - actionpack (7.2.2) - actionview (= 7.2.2) - activesupport (= 7.2.2) + actionpack (8.0.0) + actionview (= 8.0.0) + activesupport (= 8.0.0) nokogiri (>= 1.8.5) - racc - rack (>= 2.2.4, < 3.2) + rack (>= 2.2.4) rack-session (>= 1.0.1) rack-test (>= 0.6.3) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) useragent (~> 0.16) - actiontext (7.2.2) - actionpack (= 7.2.2) - activerecord (= 7.2.2) - activestorage (= 7.2.2) - activesupport (= 7.2.2) + actiontext (8.0.0) + actionpack (= 8.0.0) + activerecord (= 8.0.0) + activestorage (= 8.0.0) + activesupport (= 8.0.0) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.2.2) - activesupport (= 7.2.2) + actionview (8.0.0) + activesupport (= 8.0.0) builder (~> 3.1) erubi (~> 1.11) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) - activejob (7.2.2) - activesupport (= 7.2.2) + activejob (8.0.0) + activesupport (= 8.0.0) globalid (>= 0.3.6) - activemodel (7.2.2) - activesupport (= 7.2.2) + activemodel (8.0.0) + activesupport (= 8.0.0) activemodel-serializers-xml (1.0.3) activemodel (>= 5.0.0.a) activesupport (>= 5.0.0.a) builder (~> 3.1) - activerecord (7.2.2) - activemodel (= 7.2.2) - activesupport (= 7.2.2) + activerecord (8.0.0) + activemodel (= 8.0.0) + activesupport (= 8.0.0) timeout (>= 0.4.0) - activestorage (7.2.2) - actionpack (= 7.2.2) - activejob (= 7.2.2) - activerecord (= 7.2.2) - activesupport (= 7.2.2) + activestorage (8.0.0) + actionpack (= 8.0.0) + activejob (= 8.0.0) + activerecord (= 8.0.0) + activesupport (= 8.0.0) marcel (~> 1.0) - activesupport (7.2.2) + activesupport (8.0.0) base64 benchmark (>= 0.3) bigdecimal @@ -85,6 +84,7 @@ GEM minitest (>= 5.1) securerandom (>= 0.3) tzinfo (~> 2.0, >= 2.0.5) + uri (>= 0.13.1) addressable (2.8.7) public_suffix (>= 2.0.2, < 7.0) amq-protocol (2.3.2) @@ -119,7 +119,7 @@ GEM ostruct connection_pool (2.4.1) crass (1.0.6) - date (3.3.4) + date (3.4.0) deep_merge (1.2.2) diff-lcs (1.5.1) draper (4.0.2) @@ -133,8 +133,9 @@ GEM dry-configurable (1.2.0) dry-core (~> 1.0, < 2) zeitwerk (~> 2.6) - dry-core (1.0.1) + dry-core (1.0.2) concurrent-ruby (~> 1.0) + logger zeitwerk (~> 2.6) dry-inflector (1.1.0) dry-initializer (3.1.1) @@ -215,13 +216,13 @@ GEM matrix (0.4.2) method_source (1.1.0) mini_mime (1.1.5) - mini_portile2 (2.8.7) - minitest (5.25.1) + mini_portile2 (2.8.8) + minitest (5.25.2) mnemosyne-ruby (2.0.0) activesupport (>= 6.1) bunny multi_json (1.15.0) - net-imap (0.5.0) + net-imap (0.5.1) date net-protocol net-pop (0.1.2) @@ -239,7 +240,7 @@ GEM oj (3.16.7) bigdecimal (>= 3.0) ostruct (>= 0.2) - ostruct (0.6.0) + ostruct (0.6.1) parallel (1.26.3) parser (3.3.6.0) ast (~> 2.4.1) @@ -262,22 +263,22 @@ GEM rack (>= 3.0.0) rack-test (2.1.0) rack (>= 1.3) - rackup (2.2.0) + rackup (2.2.1) rack (>= 3) - rails (7.2.2) - actioncable (= 7.2.2) - actionmailbox (= 7.2.2) - actionmailer (= 7.2.2) - actionpack (= 7.2.2) - actiontext (= 7.2.2) - actionview (= 7.2.2) - activejob (= 7.2.2) - activemodel (= 7.2.2) - activerecord (= 7.2.2) - activestorage (= 7.2.2) - activesupport (= 7.2.2) + rails (8.0.0) + actioncable (= 8.0.0) + actionmailbox (= 8.0.0) + actionmailer (= 8.0.0) + actionpack (= 8.0.0) + actiontext (= 8.0.0) + actionview (= 8.0.0) + activejob (= 8.0.0) + activemodel (= 8.0.0) + activerecord (= 8.0.0) + activestorage (= 8.0.0) + activesupport (= 8.0.0) bundler (>= 1.15.0) - railties (= 7.2.2) + railties (= 8.0.0) rails-assets-manifest (3.0.1) activesupport (> 4.2) railties (> 4.2) @@ -288,12 +289,12 @@ GEM rails-html-sanitizer (1.6.0) loofah (~> 2.21) nokogiri (~> 1.14) - rails-rfc6570 (3.2.0) - actionpack (>= 4.2, < 8.0) + rails-rfc6570 (3.3.0) + actionpack (>= 4.2, < 8.1) addressable (~> 2.3) - railties (7.2.2) - actionpack (= 7.2.2) - activesupport (= 7.2.2) + railties (8.0.0) + actionpack (= 8.0.0) + activesupport (= 8.0.0) irb (~> 1.13) rackup (>= 1.0.0) rake (>= 12.2) @@ -306,7 +307,7 @@ GEM rb-inotify (0.11.1) ffi (~> 1.0) rbtree (0.4.6) - rdoc (6.7.0) + rdoc (6.8.1) psych (>= 4.0.0) regexp_parser (2.9.2) reline (0.5.11) @@ -395,13 +396,14 @@ GEM thor (1.3.2) tilt (2.4.0) timecop (0.9.10) - timeout (0.4.1) + timeout (0.4.2) tzinfo (2.0.6) concurrent-ruby (~> 1.0) unicode-display_width (2.6.0) unicorn (6.1.0) kgio (~> 2.6) raindrops (~> 0.7) + uri (1.0.2) useragent (0.16.10) uuid4 (1.4.0) base62-rb (~> 0.3.0) @@ -445,7 +447,7 @@ DEPENDENCIES pry pry-byebug puma (~> 6.4) - rails (~> 7.2.0) + rails (~> 8.0.0) rails-assets-manifest (~> 3.0, >= 3.0.0) rails-rfc6570 (~> 3.0) responders (~> 3.0) diff --git a/bin/bundle b/bin/bundle index 524dfd3f..18b6f6de 100755 --- a/bin/bundle +++ b/bin/bundle @@ -11,52 +11,56 @@ require "rubygems" m = Module.new do - module_function + module_function def invoked_as_script? - File.expand_path($0) == File.expand_path(__FILE__) + File.expand_path($PROGRAM_NAME) == File.expand_path(__FILE__) end def env_var_version - ENV["BUNDLER_VERSION"] + ENV.fetch("BUNDLER_VERSION", nil) end def cli_arg_version return unless invoked_as_script? # don't want to hijack other binstubs return unless "update".start_with?(ARGV.first || " ") # must be running `bundle update` + bundler_version = nil update_index = nil ARGV.each_with_index do |a, i| if update_index && update_index.succ == i && a =~ Gem::Version::ANCHORED_VERSION_PATTERN bundler_version = a end - next unless a =~ /\A--bundler(?:[= ](#{Gem::Version::VERSION_PATTERN}))?\z/ - bundler_version = $1 || ">= 0.a" + next unless a =~ /\A--bundler(?:[= ](#{Gem::Version::VERSION_PATTERN}))?\z/o + + bundler_version = Regexp.last_match(1) || ">= 0.a" update_index = i end bundler_version end def gemfile - gemfile = ENV["BUNDLE_GEMFILE"] - return gemfile if gemfile && !gemfile.empty? + gemfile = ENV.fetch("BUNDLE_GEMFILE", nil) + return gemfile if gemfile.present? - File.expand_path("../../Gemfile", __FILE__) + File.expand_path("../Gemfile", __dir__) end def lockfile lockfile = case File.basename(gemfile) - when "gems.rb" then gemfile.sub(/\.rb$/, gemfile) - else "#{gemfile}.lock" + when "gems.rb" then gemfile.sub(/\.rb$/, gemfile) + else "#{gemfile}.lock" end File.expand_path(lockfile) end def lockfile_version return unless File.file?(lockfile) + lockfile_contents = File.read(lockfile) - return unless lockfile_contents =~ /\n\nBUNDLED WITH\n\s{2,}(#{Gem::Version::VERSION_PATTERN})\n/ + return unless lockfile_contents =~ /\n\nBUNDLED WITH\n\s{2,}(#{Gem::Version::VERSION_PATTERN})\n/o + Regexp.last_match(1) end @@ -82,10 +86,12 @@ m = Module.new do gem "bundler", bundler_version end return if gem_error.nil? + require_error = activation_error_handling do require "bundler/version" end return if require_error.nil? && Gem::Requirement.new(bundler_version).satisfied_by?(Gem::Version.new(Bundler::VERSION)) + warn "Activating bundler (#{bundler_version}) failed:\n#{gem_error.message}\n\nTo install the version of bundler this project requires, run `gem install bundler -v '#{bundler_version}'`" exit 42 end diff --git a/bin/dev b/bin/dev new file mode 100755 index 00000000..6981d917 --- /dev/null +++ b/bin/dev @@ -0,0 +1,4 @@ +#!/usr/bin/env ruby +# frozen_string_literal: true + +exec "./bin/rails", "server", *ARGV diff --git a/bin/rails b/bin/rails index efc03774..22f2d8de 100755 --- a/bin/rails +++ b/bin/rails @@ -1,4 +1,6 @@ #!/usr/bin/env ruby +# frozen_string_literal: true + APP_PATH = File.expand_path("../config/application", __dir__) require_relative "../config/boot" require "rails/commands" diff --git a/bin/rake b/bin/rake index 4fbf10b9..e436ea54 100755 --- a/bin/rake +++ b/bin/rake @@ -1,4 +1,6 @@ #!/usr/bin/env ruby +# frozen_string_literal: true + require_relative "../config/boot" require "rake" Rake.application.run diff --git a/bin/rubocop b/bin/rubocop index 40330c0f..25406fe0 100755 --- a/bin/rubocop +++ b/bin/rubocop @@ -1,4 +1,6 @@ #!/usr/bin/env ruby +# frozen_string_literal: true + require "rubygems" require "bundler/setup" diff --git a/bin/setup b/bin/setup index bb7416d6..e37abaad 100755 --- a/bin/setup +++ b/bin/setup @@ -1,11 +1,12 @@ #!/usr/bin/env ruby +# frozen_string_literal: true + require "fileutils" APP_ROOT = File.expand_path("..", __dir__) -APP_NAME = "server" -def system!(*args) - system(*args, exception: true) +def system!(*) + system(*, exception: true) end FileUtils.chdir APP_ROOT do @@ -14,7 +15,6 @@ FileUtils.chdir APP_ROOT do # Add necessary setup steps to this file. puts "== Installing dependencies ==" - system! "gem install bundler --conservative" system("bundle check") || system!("bundle install") # puts "\n== Copying sample files ==" @@ -28,10 +28,9 @@ FileUtils.chdir APP_ROOT do puts "\n== Removing old logs and tempfiles ==" system! "bin/rails log:clear tmp:clear" - puts "\n== Restarting application server ==" - system! "bin/rails restart" - - # puts "\n== Configuring puma-dev ==" - # system "ln -nfs #{APP_ROOT} ~/.puma-dev/#{APP_NAME}" - # system "curl -Is https://#{APP_NAME}.test/up | head -n 1" + unless ARGV.include?("--skip-server") + puts "\n== Starting development server ==" + $stdout.flush # flush the output before exec(2) so that it displays + exec "bin/dev" + end end diff --git a/config/application.rb b/config/application.rb index 31431973..6275da07 100644 --- a/config/application.rb +++ b/config/application.rb @@ -38,7 +38,10 @@ class Application < Rails::Application # Common ones are `templates`, `generators`, or `middleware`, for example. config.autoload_lib(ignore: %w[assets tasks patch server]) - config.filter_parameters += %i[passw secret token _key crypt salt certificate otp ssn] + config.filter_parameters += %i[ + passw email secret token _key crypt salt certificate otp ssn cvv cvc + ] + config.session_store :cookie_store, key: "_mnemosyne", same_site: :lax config.action_dispatch.cookies_serializer = :json diff --git a/config/environments/development.rb b/config/environments/development.rb index 97354ea6..23f11abb 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -5,9 +5,7 @@ Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - # In the development environment your application's code is reloaded any time - # it changes. This slows down response time but is perfect for development - # since you don't have to restart the web server when you make code changes. + # Make code changes take effect immediately without server restart. config.enable_reloading = true # Do not eager load code on boot. @@ -19,35 +17,31 @@ # Enable server timing. config.server_timing = true - # Enable/disable caching. By default caching is disabled. - # Run rails dev:cache to toggle caching. + # Enable/disable Action Controller caching. By default Action Controller caching is disabled. + # Run rails dev:cache to toggle Action Controller caching. if Rails.root.join("tmp/caching-dev.txt").exist? config.action_controller.perform_caching = true config.action_controller.enable_fragment_cache_logging = true - - config.cache_store = :memory_store - config.public_file_server.headers = {"Cache-Control" => "public, max-age=#{2.days.to_i}"} + config.public_file_server.headers = {"cache-control" => "public, max-age=#{2.days.to_i}"} else config.action_controller.perform_caching = false - - config.cache_store = :null_store end + # Change to :null_store to avoid any caching. + config.cache_store = :memory_store + # Print deprecation notices to the Rails logger. config.active_support.deprecation = :log - # Raise exceptions for disallowed deprecations. - config.active_support.disallowed_deprecation = :raise - - # Tell Active Support which deprecation messages to disallow. - config.active_support.disallowed_deprecation_warnings = [] - # Raise an error on page load if there are pending migrations. config.active_record.migration_error = :page_load # Highlight code that triggered database queries in logs. config.active_record.verbose_query_logs = true + # Append comments with runtime information tags to SQL queries in logs. + config.active_record.query_log_tags_enabled = true + # Highlight code that enqueued background job in logs. config.active_job.verbose_enqueue_logs = true diff --git a/config/environments/production.rb b/config/environments/production.rb index 7312554a..36eaf63e 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -8,33 +8,23 @@ # Code is not reloaded between requests. config.enable_reloading = false - # Eager load code on boot. This eager loads most of Rails and your - # application in memory, allowing both threaded web servers and those - # relying on copy on write to perform better. Rake tasks automatically - # ignore this option for performance. + # Eager load code on boot for better performance and memory savings (ignored by Rake tasks). config.eager_load = true - # Full error reports are disabled and caching is turned on. + # Full error reports are disabled. config.consider_all_requests_local = false - config.action_controller.perform_caching = true - # Ensures that a master key has been made available in ENV["RAILS_MASTER_KEY"], config/master.key, or an environment - # key such as config/credentials/production.key. This key is used to decrypt credentials (and other encrypted files). - # config.require_master_key = true + # Turn on fragment caching in view templates. + config.action_controller.perform_caching = true - # Disable serving static files from `public/`, relying on NGINX/Apache to do so instead. - # config.public_file_server.enabled = false + # Cache assets for far-future expiry since they are all digest stamped. + config.public_file_server.headers = {"cache-control" => "public, max-age=#{1.year.to_i}"} # Enable serving of images, stylesheets, and JavaScripts from an asset server. # config.asset_host = "http://assets.example.com" - # Specifies the header that your server uses for sending files. - # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache - # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX - # Assume all access to the app is happening through a SSL-terminating reverse proxy. - # Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies. - # config.assume_ssl = true + config.assume_ssl = true # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. config.force_ssl = true @@ -42,43 +32,41 @@ # Skip http-to-https redirect for the default health check endpoint. # config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } } - # Log to STDOUT by default - config.logger = ActiveSupport::Logger.new($stdout) - .tap {|logger| logger.formatter = Logger::Formatter.new } - .then {|logger| ActiveSupport::TaggedLogging.new(logger) } - - # Prepend all log lines with the following tags. + # Log to STDOUT with the current request id as a default log tag. config.log_tags = [:request_id] + config.logger = ActiveSupport::TaggedLogging.logger($stdout) - # "info" includes generic and useful information about system - # operation, but avoids logging too much information to avoid - # inadvertent exposure of personally identifiable information (PII). - # If you want to log everything, set the level to "debug". + # Change to "debug" to log everything (including potentially personally-identifiable information!) config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info") - # Use a different cache store in production. + # Prevent health checks from clogging up the logs. + config.silence_healthcheck_path = "/up" + + # Don't log any deprecations. + config.active_support.report_deprecations = false + + # Replace the default in-process memory cache store with a durable alternative. # config.cache_store = :mem_cache_store - # Use a real queuing backend for Active Job (and separate queues per environment). + # Replace the default in-process and non-durable queuing backend for Active Job. # config.active_job.queue_adapter = :resque - # config.active_job.queue_name_prefix = "server_production" # Enable locale fallbacks for I18n (makes lookups for any locale fall back to # the I18n.default_locale when a translation cannot be found). config.i18n.fallbacks = true - # Don't log any deprecations. - config.active_support.report_deprecations = false - # Do not dump schema after migrations. config.active_record.dump_schema_after_migration = false + # Only use :id for inspections in production. + config.active_record.attributes_for_inspect = [:id] + # Enable DNS rebinding protection and other `Host` header attacks. # config.hosts = [ # "example.com", # Allow requests from example.com # /.*\.example\.com/ # Allow requests from subdomains like `www.example.com` # ] - + # # Skip DNS rebinding protection for the default health check endpoint. # config.host_authorization = { exclude: ->(request) { request.path == "/up" } } end diff --git a/config/environments/test.rb b/config/environments/test.rb index 5d752c54..6869a4b3 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -1,7 +1,5 @@ # frozen_string_literal: true -require "active_support/core_ext/integer/time" - # The test environment is used exclusively to run your application's # test suite. You never need to work with it otherwise. Remember that # your test database is "scratch space" for the test suite and is wiped @@ -13,20 +11,17 @@ # While tests run files are not watched, reloading is not necessary. config.enable_reloading = false - # Eager loading loads your entire application. When running a single - # test locally, this is usually not necessary, and can slow down your - # test suite. However, it's recommended that you enable it in - # continuous integration systems to ensure eager loading is working - # properly before deploying your code. + # Eager loading loads your entire application. When running a single test locally, + # this is usually not necessary, and can slow down your test suite. However, it's + # recommended that you enable it in continuous integration systems to ensure eager + # loading is working properly before deploying your code. config.eager_load = ENV["CI"].present? - # Configure public file server for tests with Cache-Control for - # performance. - config.public_file_server.headers = {"Cache-Control" => "public, max-age=#{1.hour.to_i}"} + # Configure public file server for tests with cache-control for performance. + config.public_file_server.headers = {"cache-control" => "public, max-age=3600"} - # Show full error reports and disable caching. + # Show full error reports. config.consider_all_requests_local = true - config.action_controller.perform_caching = false config.cache_store = :null_store # Render exception templates for rescuable exceptions and raise for other exceptions. @@ -38,19 +33,12 @@ # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr - # Raise exceptions for disallowed deprecations. - config.active_support.disallowed_deprecation = :raise - - # Tell Active Support which deprecation messages to disallow. - config.active_support.disallowed_deprecation_warnings = [] - # Raises error for missing translations. - # config.i18n.raise_on_missing_translations = true + config.i18n.raise_on_missing_translations = true # Annotate rendered view with file names. - # config.action_view.annotate_rendered_view_with_filenames = true + config.action_view.annotate_rendered_view_with_filenames = true - # Raise error when a before_action's only/except options reference - # missing actions. + # Raise error when a before_action's only/except options reference missing actions. config.action_controller.raise_on_missing_callback_actions = true end diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index 55de6930..ff65e320 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb @@ -2,8 +2,8 @@ # Be sure to restart your server when you modify this file. -# Define an application-wide content security policy. See the Securing -# Rails Applications Guide for more information: +# Define an application-wide content security policy. +# See the Securing Rails Applications Guide for more information: # https://guides.rubyonrails.org/security.html#content-security-policy-header Rails.application.configure do @@ -18,8 +18,7 @@ # policy.report_uri "/csp-violation-report-endpoint" end - # Generate session nonces for permitted importmap, inline scripts, and - # inline styles. + # Generate session nonces for permitted importmap, inline scripts, and inline styles. config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s } config.content_security_policy_nonce_directives = %w[script-src style-src] diff --git a/config/puma.rb b/config/puma.rb index 63659bf9..269fa358 100644 --- a/config/puma.rb +++ b/config/puma.rb @@ -3,26 +3,29 @@ # This configuration file will be evaluated by Puma. The top-level methods that # are invoked here are part of Puma's configuration DSL. For more information # about methods provided by the DSL, see https://puma.io/puma/Puma/DSL.html. - -# Puma starts a configurable number of processes (workers) and each -# process serves each request in a thread from an internal thread pool. # -# The ideal number of threads per worker depends both on how much time -# the application spends waiting for IO operations and on how much you -# wish to to prioritize throughput over latency. +# Puma starts a configurable number of processes (workers) and each process +# serves each request in a thread from an internal thread pool. +# +# You can control the number of workers using ENV["WEB_CONCURRENCY"]. You +# should only set this value when you want to run 2 or more workers. The +# default is already 1. # -# As a rule of thumb, increasing the number of threads will increase how -# much traffic a given process can handle (throughput), but due to -# CRuby's Global VM Lock (GVL) it has diminishing returns and will -# degrade the response time (latency) of the application. +# The ideal number of threads per worker depends both on how much time the +# application spends waiting for IO operations and on how much you wish to +# prioritize throughput over latency. # -# The default is set to 3 threads as it's deemed a decent compromise -# between throughput and latency for the average Rails application. +# As a rule of thumb, increasing the number of threads will increase how much +# traffic a given process can handle (throughput), but due to CRuby's +# Global VM Lock (GVL) it has diminishing returns and will degrade the +# response time (latency) of the application. # -# Any libraries that use a connection pool or another resource pool -# should be configured to provide at least as many connections as the -# number of threads. This includes Active Record's `pool` parameter in -# `database.yml`. +# The default is set to 3 threads as it's deemed a decent compromise between +# throughput and latency for the average Rails application. +# +# Any libraries that use a connection pool or another resource pool should +# be configured to provide at least as many connections as the number of +# threads. This includes Active Record's `pool` parameter in `database.yml`. threads_count = ENV.fetch("RAILS_MAX_THREADS", 3) threads threads_count, threads_count @@ -32,6 +35,9 @@ # Allow puma to be restarted by `bin/rails restart` command. plugin :tmp_restart +# Run the Solid Queue supervisor inside of Puma for single-server deployments +plugin :solid_queue if ENV["SOLID_QUEUE_IN_PUMA"] + # Specify the PID file. Defaults to tmp/pids/server.pid in development. # In other environments, only set the PID file if requested. pidfile ENV["PIDFILE"] if ENV["PIDFILE"] diff --git a/public/400.html b/public/400.html new file mode 100644 index 00000000..eda6e5bd --- /dev/null +++ b/public/400.html @@ -0,0 +1,135 @@ + + + + + + The server cannot process the request due to a client error (400 Bad + Request) + + + + + + + + + + + + +
+
+ + + + +
+
+

+ The server cannot process the request due to a client + error. + Please check the request and try again. If you’re the application + owner check the logs for more information. +

+
+
+ + diff --git a/public/404.html b/public/404.html index 8d884591..f240b97a 100644 --- a/public/404.html +++ b/public/404.html @@ -1,69 +1,129 @@ - + + - The page you were looking for doesn't exist (404) - + The page you were looking for doesn’t exist (404 Not found) + + + + + - + -
-
-

The page you were looking for doesn't exist.

-

You may have mistyped the address or the page may have moved.

-
-

- If you are the application owner check the logs for more information. -

-
+ +
+
+ + + + +
+
+

+ The page you were looking for doesn’t exist. You may + have mistyped the address or the page may have moved. If you’re the + application owner check the logs for more information. +

+
+
diff --git a/public/406-unsupported-browser.html b/public/406-unsupported-browser.html index 783e8932..0aa4996d 100644 --- a/public/406-unsupported-browser.html +++ b/public/406-unsupported-browser.html @@ -1,66 +1,128 @@ - + + - Your browser is not supported (406) - + Your browser is not supported (406 Not Acceptable) + + + + + - + -
-
-

Your browser is not supported.

-

Please upgrade your browser to continue.

-
-
+ +
+
+ + + + +
+
+

+ Your browser is not supported.
+ Please upgrade your browser to continue. +

+
+
diff --git a/public/422.html b/public/422.html index 845c5328..dc4882ad 100644 --- a/public/422.html +++ b/public/422.html @@ -1,69 +1,129 @@ - + + - The change you wanted was rejected (422) - + The change you wanted was rejected (422 Unprocessable Entity) + + + + + - + -
-
-

The change you wanted was rejected.

-

Maybe you tried to change something you didn't have access to.

-
-

- If you are the application owner check the logs for more information. -

-
+ +
+
+ + + + +
+
+

+ The change you wanted was rejected. Maybe you tried + to change something you didn’t have access to. If you’re the + application owner check the logs for more information. +

+
+
diff --git a/public/500.html b/public/500.html index 21fe4eca..5629af29 100644 --- a/public/500.html +++ b/public/500.html @@ -1,68 +1,130 @@ - + + - We're sorry, but something went wrong (500) - + + We’re sorry, but something went wrong (500 Internal Server Error) + + + + + + - + -
-
-

We're sorry, but something went wrong.

-
-

- If you are the application owner check the logs for more information. -

-
+ +
+
+ + + + +
+
+

+ We’re sorry, but something went wrong.
+ If you’re the application owner check the logs for more information. +

+
+
diff --git a/public/icon.png b/public/icon.png index f3b5abcbde91cf6d7a6a26e514eb7e30f476f950..c4c9dbfbbd2f7c1421ffd5727188146213abbcef 100644 GIT binary patch literal 4166 zcmd6qU;WFw?|v@m)Sk^&NvB8tcujdV-r1b=i(NJxn&7{KTb zX$3(M+3TP2o^#KAo{#tIjl&t~(8D-k004kqPglzn0HFG(Q~(I*AKsD#M*g7!XK0T7 zN6P7j>HcT8rZgKl$v!xr806dyN19Bd4C0x_R*I-a?#zsTvb_89cyhuC&T**i|Rc zq5b8M;+{8KvoJ~uj9`u~d_f6`V&3+&ZX9x5pc8s)d175;@pjm(?dapmBcm0&vl9+W zx1ZD2o^nuyUHWj|^A8r>lUorO`wFF;>9XL-Jy!P}UXC{(z!FO%SH~8k`#|9;Q|eue zqWL0^Bp(fg_+Pkm!fDKRSY;+^@BF?AJE zCUWpXPst~hi_~u)SzYBDZroR+Z4xeHIlm_3Yc_9nZ(o_gg!jDgVa=E}Y8uDgem9`b zf=mfJ_@(BXSkW53B)F2s!&?_R4ptb1fYXlF++@vPhd=marQgEGRZS@B4g1Mu?euknL= z67P~tZ?*>-Hmi7GwlisNHHJDku-dSm7g@!=a}9cSL6Pa^w^2?&?$Oi8ibrr>w)xqx zOH_EMU@m05)9kuNR>>4@H%|){U$^yvVQ(YgOlh;5oU_-vivG-p4=LrN-k7D?*?u1u zsWly%tfAzKd6Fb=`eU2un_uaTXmcT#tlOL+aRS=kZZf}A7qT8lvcTx~7j` z*b>=z)mwg7%B2_!D0!1IZ?Nq{^Y$uI4Qx*6T!E2Col&2{k?ImCO=dD~A&9f9diXy^$x{6CwkBimn|1E09 zAMSezYtiL?O6hS37KpvDM?22&d{l)7h-!F)C-d3j8Z`c@($?mfd{R82)H>Qe`h{~G z!I}(2j(|49{LR?w4Jspl_i!(4T{31|dqCOpI52r5NhxYV+cDAu(xp*4iqZ2e-$YP= zoFOPmm|u*7C?S{Fp43y+V;>~@FFR76bCl@pTtyB93vNWy5yf;HKr8^0d7&GVIslYm zo3Tgt@M!`8B6IW&lK{Xk>%zp41G%`(DR&^u z5^pwD4>E6-w<8Kl2DzJ%a@~QDE$(e87lNhy?-Qgep!$b?5f7+&EM7$e>|WrX+=zCb z=!f5P>MxFyy;mIRxjc(H*}mceXw5a*IpC0PEYJ8Y3{JdoIW)@t97{wcUB@u+$FCCO z;s2Qe(d~oJC^`m$7DE-dsha`glrtu&v&93IZadvl_yjp!c89>zo;Krk+d&DEG4?x$ zufC1n+c1XD7dolX1q|7}uelR$`pT0Z)1jun<39$Sn2V5g&|(j~Z!wOddfYiZo7)A< z!dK`aBHOOk+-E_xbWCA3VR-+o$i5eO9`rMI#p_0xQ}rjEpGW;U!&&PKnivOcG(|m9 z!C8?WC6nCXw25WVa*eew)zQ=h45k8jSIPbq&?VE{oG%?4>9rwEeB4&qe#?-y_es4c|7ufw%+H5EY#oCgv!Lzv291#-oNlX~X+Jl5(riC~r z=0M|wMOP)Tt8@hNg&%V@Z9@J|Q#K*hE>sr6@oguas9&6^-=~$*2Gs%h#GF@h)i=Im z^iKk~ipWJg1VrvKS;_2lgs3n1zvNvxb27nGM=NXE!D4C!U`f*K2B@^^&ij9y}DTLB*FI zEnBL6y{jc?JqXWbkIZd7I16hA>(f9T!iwbIxJj~bKPfrO;>%*5nk&Lf?G@c2wvGrY&41$W{7HM9+b@&XY@>NZM5s|EK_Dp zQX60CBuantx>|d#DsaZ*8MW(we|#KTYZ=vNa#d*DJQe6hr~J6{_rI#?wi@s|&O}FR zG$kfPxheXh1?IZ{bDT-CWB4FTvO-k5scW^mi8?iY5Q`f8JcnnCxiy@m@D-%lO;y0pTLhh6i6l@x52j=#^$5_U^os}OFg zzdHbo(QI`%9#o*r8GCW~T3UdV`szO#~)^&X_(VW>o~umY9-ns9-V4lf~j z`QBD~pJ4a#b`*6bJ^3RS5y?RAgF7K5$ll97Y8#WZduZ`j?IEY~H(s^doZg>7-tk*t z4_QE1%%bb^p~4F5SB$t2i1>DBG1cIo;2(xTaj*Y~hlM{tSDHojL-QPg%Mo%6^7FrpB*{ z4G0@T{-77Por4DCMF zB_5Y~Phv%EQ64W8^GS6h?x6xh;w2{z3$rhC;m+;uD&pR74j+i22P5DS-tE8ABvH(U~indEbBUTAAAXfHZg5QpB@TgV9eI<)JrAkOI z8!TSOgfAJiWAXeM&vR4Glh;VxH}WG&V$bVb`a`g}GSpwggti*&)taV1@Ak|{WrV|5 zmNYx)Ans=S{c52qv@+jmGQ&vd6>6yX6IKq9O$3r&0xUTdZ!m1!irzn`SY+F23Rl6# zFRxws&gV-kM1NX(3(gnKpGi0Q)Dxi~#?nyzOR9!en;Ij>YJZVFAL*=R%7y%Mz9hU% zs>+ZB?qRmZ)nISx7wxY)y#cd$iaC~{k0avD>BjyF1q^mNQ1QcwsxiTySe<6C&cC6P zE`vwO9^k-d`9hZ!+r@Jnr+MF*2;2l8WjZ}DrwDUHzSF{WoG zucbSWguA!3KgB3MU%HH`R;XqVv0CcaGq?+;v_A5A2kpmk5V%qZE3yzQ7R5XWhq=eR zyUezH=@V)y>L9T-M-?tW(PQYTRBKZSVb_!$^H-Pn%ea;!vS_?M<~Tm>_rWIW43sPW z=!lY&fWc1g7+r?R)0p8(%zp&vl+FK4HRkns%BW+Up&wK8!lQ2~bja|9bD12WrKn#M zK)Yl9*8$SI7MAwSK$%)dMd>o+1UD<2&aQMhyjS5R{-vV+M;Q4bzl~Z~=4HFj_#2V9 zB)Gfzx3ncy@uzx?yzi}6>d%-?WE}h7v*w)Jr_gBl!2P&F3DX>j_1#--yjpL%<;JMR z*b70Gr)MMIBWDo~#<5F^Q0$VKI;SBIRneuR7)yVsN~A9I@gZTXe)E?iVII+X5h0~H zx^c(fP&4>!*q>fb6dAOC?MI>Cz3kld#J*;uik+Ps49cwm1B4 zZc1|ZxYyTv;{Z!?qS=D)sgRKx^1AYf%;y_V&VgZglfU>d+Ufk5&LV$sKv}Hoj+s; xK3FZRYdhbXT_@RW*ff3@`D1#ps#~H)p+y&j#(J|vk^lW{fF9OJt5(B-_&*Xgn9~3N literal 5599 zcmeHL-D}fO6hCR_taXJlzs3}~RuB=Iujyo=i*=1|1FN%E=zNfMTjru|Q<6v{J{U!C zBEE}?j6I3sz>fzN!6}L_BKjcuASk~1;Dg|U_@d{g?V8mM`~#9U+>>*Ezw>c(PjYWA z4(;!cgge6k5E&d$G5`S-0}!Ik>CV(0Y#1}s-v_gAHhja2=W1?nBAte9D2HG<(+)uj z!5=W4u*{VKMw#{V@^NNs4TClr!FAA%ID-*gc{R%CFKEzG<6gm*9s_uy)oMGW*=nJf zw{(Mau|2FHfXIv6C0@Wk5k)F=3jo1srV-C{pl&k&)4_&JjYrnbJiul}d0^NCSh(#7h=F;3{|>EU>h z6U8_p;^wK6mAB(1b92>5-HxJ~V}@3?G`&Qq-TbJ2(&~-HsH6F#8mFaAG(45eT3VPO zM|(Jd<+;UZs;w>0Qw}0>D%{~r{uo_Fl5_Bo3ABWi zWo^j^_T3dxG6J6fH8X)$a^%TJ#PU!=LxF=#Fd9EvKx_x>q<(KY%+y-08?kN9dXjXK z**Q=yt-FTU*13ouhCdqq-0&;Ke{T3sQU9IdzhV9LhQIpq*P{N)+}|Mh+a-VV=x?R} c>%+pvTcMWshj-umO}|qP?%A)*_KlqT3uEqhU;qFB diff --git a/public/icon.svg b/public/icon.svg index b7f9051a..04b34bf8 100644 --- a/public/icon.svg +++ b/public/icon.svg @@ -1,3 +1,3 @@ - - + +