diff --git a/.circleci/config.yml b/.circleci/config.yml index 04db6ed..c3b2548 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -2,14 +2,14 @@ version: 2.1 jobs: lint: docker: - - image: cimg/ruby:3.1.5 + - image: cimg/ruby:3.1.6 working_directory: ~/safer_rails_console steps: - checkout - restore_cache: keys: - - v2-gems-ruby-3.1.5-{{ checksum "safer_rails_console.gemspec" }}-{{ checksum "Gemfile" }} - - v2-gems-ruby-3.1.5- + - v2-gems-ruby-3.1.6-{{ checksum "safer_rails_console.gemspec" }}-{{ checksum "Gemfile" }} + - v2-gems-ruby-3.1.6- - run: name: Install Gems command: | @@ -18,7 +18,7 @@ jobs: bundle clean fi - save_cache: - key: v2-gems-ruby-3.1.5-{{ checksum "safer_rails_console.gemspec" }}-{{ checksum "Gemfile" }} + key: v2-gems-ruby-3.1.6-{{ checksum "safer_rails_console.gemspec" }}-{{ checksum "Gemfile" }} paths: - "vendor/bundle" - "gemfiles/vendor/bundle" @@ -82,11 +82,15 @@ workflows: matrix: parameters: ruby_version: - - 3.1.4 - - 3.2.2 - - 3.3.0 + - 3.1.6 + - 3.2.6 + - 3.3.6 gemfile: - gemfiles/6.1.gemfile - gemfiles/7.0.gemfile - gemfiles/7.1.gemfile - gemfiles/7.2.gemfile + - gemfiles/8.0.gemfile + exclude: + - ruby_version: 3.1.6 + gemfile: gemfiles/8.0.gemfile diff --git a/Appraisals b/Appraisals index 97aee29..a3b339b 100644 --- a/Appraisals +++ b/Appraisals @@ -15,3 +15,7 @@ end appraise '7.2' do gem 'rails', '~> 7.2.0' end + +appraise '8.0' do + gem 'rails', '~> 8.0.0' +end diff --git a/CHANGELOG.md b/CHANGELOG.md index b38a10f..30708db 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,8 @@ # Changelog +## v0.11.0 +- Add support for Rails 8.0. **Thanks [@olivier-thatch](https://github.com/olivier-thatch)** + ## v0.10.0 - Drop support for Ruby 3.0. - Add support for Rails 7.2. **Thanks [@kwent](https://github.com/kwent)** diff --git a/gemfiles/8.0.gemfile b/gemfiles/8.0.gemfile new file mode 100644 index 0000000..3b3765b --- /dev/null +++ b/gemfiles/8.0.gemfile 
@@ -0,0 +1,7 @@ +# This file was generated by Appraisal + +source "https://rubygems.org" + +gem "rails", "~> 8.0.0" + +gemspec path: "../" diff --git a/lib/safer_rails_console/patches/sandbox/auto_rollback.rb b/lib/safer_rails_console/patches/sandbox/auto_rollback.rb index b1d90a4..1cad350 100644 --- a/lib/safer_rails_console/patches/sandbox/auto_rollback.rb +++ b/lib/safer_rails_console/patches/sandbox/auto_rollback.rb @@ -24,7 +24,19 @@ def self.handle_and_reraise_exception(error, message = 'PG::ReadOnlySqlTransacti raise error end - module PostgreSQLAdapterPatch + # Patch for the PostgreSQL database adapter for Rails 8.0 and above. + module PostgreSQLAdapteRailsPatch + def internal_execute(...) + super + rescue StandardError => e + # rubocop:disable Layout/LineLength + SaferRailsConsole::Patches::Sandbox::AutoRollback.handle_and_reraise_exception(e, 'PG::ReadOnlySqlTransaction') + # rubocop:enable Layout/LineLength + end + end + + # Patch for the PostgreSQL database adapter for Rails 6.x and 7.x. + module LegacyPostgreSQLAdapteRailsPatch def execute_and_clear(...) super rescue StandardError => e 
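Review bot: The two module names added in this hunk, `PostgreSQLAdapteRailsPatch` and `LegacyPostgreSQLAdapteRailsPatch`, drop the final `r` of "Adapter", and the scheme differs from the MySQL modules in the `@@ -35,10 +47,24 @@` hunk (`MySQLAdapterRailsPatch`, `LegacyMySQLAdapterRails67Patch`). These names appear in `ancestors` and backtraces when someone checks whether the sandbox rollback hook is installed, so I would settle on one pattern, e.g. `module PostgreSQLAdapterRails8Patch` and `module LegacyPostgreSQLAdapterPatch`, with the MySQL pair named to match. The explicit `'PG::ReadOnlySqlTransaction'` argument also appears to repeat the default of `handle_and_reraise_exception` shown in the hunk header (the header is truncated, so confirm). If it is the default, `handle_and_reraise_exception(e)` removes the need for the `rubocop:disable Layout/LineLength` pair. The body of `execute_and_clear` continues past the end of this hunk.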
@@ -35,10 +47,24 @@ def execute_and_clear(...) end if defined?(::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter) - ::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.prepend(PostgreSQLAdapterPatch) + if SaferRailsConsole::RailsVersion.eight_or_above? + ::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.prepend(PostgreSQLAdapteRailsPatch) + elsif SaferRailsConsole::RailsVersion.six_or_above? + ::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.prepend(LegacyPostgreSQLAdapteRailsPatch) + end + end + + # Patch for the MySQL database adapter for Rails 8.0 and above. + module MySQLAdapterRailsPatch + def internal_execute(...) + super + rescue StandardError => e + SaferRailsConsole::Patches::Sandbox::AutoRollback.handle_and_reraise_exception(e, 'READ ONLY transaction') + end end - module MySQLPatch + # Patch for the MySQL database adapter for Rails 6.x and 7.x. + module LegacyMySQLAdapterRails67Patch def execute_and_free(...) super rescue StandardError => e @@ -47,7 +73,11 @@ def execute_and_free(...) end if defined?(::ActiveRecord::ConnectionAdapters::AbstractMysqlAdapter) - ::ActiveRecord::ConnectionAdapters::AbstractMysqlAdapter.prepend(MySQLPatch) + if SaferRailsConsole::RailsVersion.eight_or_above? + ::ActiveRecord::ConnectionAdapters::AbstractMysqlAdapter.prepend(MySQLAdapterRailsPatch) + elsif SaferRailsConsole::RailsVersion.six_or_above? + ::ActiveRecord::ConnectionAdapters::AbstractMysqlAdapter.prepend(LegacyMySQLAdapterRails67Patch) + end end end end diff --git a/lib/safer_rails_console/rails_version.rb b/lib/safer_rails_console/rails_version.rb index 9815520..c1f2c22 100644 --- a/lib/safer_rails_console/rails_version.rb +++ b/lib/safer_rails_console/rails_version.rb 
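Review bot: Nothing visible in this hunk or the `@@ -47,7 +73,11 @@` hunk ties the choice of `internal_execute` to a test, yet on Rails 8.0 the rollback handling depends on that one method being on the path of every write. If a statement reaches the adapter some other way, the read-only error propagates without passing through `handle_and_reraise_exception`. A sandbox spec run under `gemfiles/8.0.gemfile` that attempts a write through `Model` on both the PostgreSQL and MySQL connections would pin this down; it may exist later in the commit, outside what is shown here. I would also add a comment on the `internal_execute` override here and on the PostgreSQL one in the previous hunk, along the lines of `# Hooks a Rails-internal method; re-check when raising the rails upper bound in the gemspec.`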
@@ -16,6 +16,12 @@ def six_or_above? @six_or_above = SaferRailsConsole::RailsVersion::RAILS_VERSION >= ::Gem::Version.new('6.0.0') end + + def eight_or_above? + return @eight_or_above if defined?(@eight_or_above) + + @eight_or_above = SaferRailsConsole::RailsVersion::RAILS_VERSION >= ::Gem::Version.new('8.0.0') + end end end end diff --git a/lib/safer_rails_console/version.rb b/lib/safer_rails_console/version.rb index 03cada0..bc48356 100644 --- a/lib/safer_rails_console/version.rb +++ b/lib/safer_rails_console/version.rb @@ -1,5 +1,5 @@ # frozen_string_literal: true module SaferRailsConsole - VERSION = '0.10.0' + VERSION = '0.11.0' end diff --git a/safer_rails_console.gemspec b/safer_rails_console.gemspec index 9110cc2..12254be 100644 --- a/safer_rails_console.gemspec +++ b/safer_rails_console.gemspec @@ -47,5 +47,5 @@ Gem::Specification.new do |spec| spec.add_development_dependency 'rspec_junit_formatter' spec.add_development_dependency 'salsify_rubocop', '~> 1.27.0' - spec.add_runtime_dependency 'rails', '>= 6.1', '< 7.3' + spec.add_runtime_dependency 'rails', '>= 6.1', '< 8.1' end diff --git a/spec/internal/rails_8_0/.dockerignore b/spec/internal/rails_8_0/.dockerignore new file mode 100644 index 0000000..45b0dbd --- /dev/null +++ b/spec/internal/rails_8_0/.dockerignore 
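Review bot: `eight_or_above?` compares against `::Gem::Version.new('8.0.0')`, and `Gem::Version` orders prereleases below the release, so a Rails build such as `8.0.0.rc1` returns false here. `auto_rollback.rb` would then prepend the legacy `execute_and_clear`/`execute_and_free` modules instead of the `internal_execute` ones. How `RAILS_VERSION` is built is outside this hunk, so confirm it is not already normalised; if not, `@eight_or_above = SaferRailsConsole::RailsVersion::RAILS_VERSION.release >= ::Gem::Version.new('8.0.0')` closes the gap. The same applies to the existing `six_or_above?`, whose body starts above the hunk. A one-line comment such as `# True for Rails 8.0.0 and later; selects the internal_execute patches in auto_rollback.rb.` would also document why the predicate exists.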
@@ -0,0 +1,38 @@ +# See https://docs.docker.com/engine/reference/builder/#dockerignore-file for more about ignoring files. + +# Ignore git directory. +/.git/ +/.gitignore + +# Ignore bundler config. +/.bundle + +# Ignore all environment files. +/.env* + +# Ignore all default key files. +/config/master.key +/config/credentials/*.key + +# Ignore all logfiles and tempfiles. +/log/* +/tmp/* + +# Ignore storage (uploaded files in development and any SQLite databases). +/storage/* + +# Ignore assets. +/node_modules/ +/app/assets/builds/* +!/app/assets/builds/.keep +/public/assets + +# Ignore CI service files. +/.github + +# Ignore development files +/.devcontainer + +# Ignore Docker-related files +/.dockerignore +/Dockerfile* diff --git a/spec/internal/rails_8_0/.gitattributes b/spec/internal/rails_8_0/.gitattributes new file mode 100644 index 0000000..8dc4323 --- /dev/null +++ b/spec/internal/rails_8_0/.gitattributes @@ -0,0 +1,9 @@ +# See https://git-scm.com/docs/gitattributes for more about git attribute files. + +# Mark the database schema as having been generated. +db/schema.rb linguist-generated + +# Mark any vendored files as having been vendored. +vendor/* linguist-vendored +config/credentials/*.yml.enc diff=rails_credentials +config/credentials.yml.enc diff=rails_credentials diff --git a/spec/internal/rails_8_0/.gitignore b/spec/internal/rails_8_0/.gitignore new file mode 100644 index 0000000..2c7937d --- /dev/null +++ b/spec/internal/rails_8_0/.gitignore 
@@ -0,0 +1,23 @@ +# See https://help.github.com/articles/ignoring-files for more about ignoring files. +# +# Temporary files generated by your text editor or operating system +# belong in git's global ignore instead: +# `$XDG_CONFIG_HOME/git/ignore` or `~/.config/git/ignore` + +# Ignore bundler config. +/.bundle + +# Ignore all environment files. +/.env* + +# Ignore all logfiles and tempfiles. +/log/* +/tmp/* + +# Ignore storage (uploaded files in development and any SQLite databases). +/storage/* + +/public/assets + +# Ignore master key for decrypting credentials and more. +/config/master.key diff --git a/spec/internal/rails_8_0/Dockerfile b/spec/internal/rails_8_0/Dockerfile new file mode 100644 index 0000000..4683b4c --- /dev/null +++ b/spec/internal/rails_8_0/Dockerfile 
@@ -0,0 +1,65 @@ +# syntax=docker/dockerfile:1 +# check=error=true + +# This Dockerfile is designed for production, not development. Use with Kamal or build'n'run by hand: +# docker build -t rails_8_0 . +# docker run -d -p 80:80 -e RAILS_MASTER_KEY= --name rails_8_0 rails_8_0 + +# For a containerized dev environment, see Dev Containers: https://guides.rubyonrails.org/getting_started_with_devcontainer.html + +# Make sure RUBY_VERSION matches the Ruby version in .ruby-version +ARG RUBY_VERSION=3.3.5 +FROM docker.io/library/ruby:$RUBY_VERSION-slim AS base + +# Rails app lives here +WORKDIR /rails + +# Install base packages +RUN apt-get update -qq && \ + apt-get install --no-install-recommends -y curl libjemalloc2 postgresql-client && \ + rm -rf /var/lib/apt/lists /var/cache/apt/archives + +# Set production environment +ENV RAILS_ENV="production" \ + BUNDLE_DEPLOYMENT="1" \ + BUNDLE_PATH="/usr/local/bundle" \ + BUNDLE_WITHOUT="development" + +# Throw-away build stage to reduce size of final image +FROM base AS build + +# Install packages needed to build gems +RUN apt-get update -qq && \ + apt-get install --no-install-recommends -y build-essential git libpq-dev pkg-config && \ + rm -rf /var/lib/apt/lists /var/cache/apt/archives + +# Install application gems +COPY Gemfile Gemfile.lock ./ +RUN bundle install && \ + rm -rf ~/.bundle/ "${BUNDLE_PATH}"/ruby/*/cache "${BUNDLE_PATH}"/ruby/*/bundler/gems/*/.git + +# Copy application code +COPY . . + + + + +# Final stage for app image +FROM base + +# Copy built artifacts: gems, application +COPY --from=build "${BUNDLE_PATH}" "${BUNDLE_PATH}" +COPY --from=build /rails /rails + +# Run and own only the runtime files as a non-root user for security +RUN groupadd --system --gid 1000 rails && \ + useradd rails --uid 1000 --gid 1000 --create-home --shell /bin/bash && \ + chown -R rails:rails db log tmp +USER 1000:1000 + +# Entrypoint prepares the database. 
+ENTRYPOINT ["/rails/bin/docker-entrypoint"] + +# Start server via Thruster by default, this can be overwritten at runtime +EXPOSE 80 +CMD ["./bin/thrust", "./bin/rails", "server"] diff --git a/spec/internal/rails_8_0/Gemfile b/spec/internal/rails_8_0/Gemfile new file mode 100644 index 0000000..45f84d6 --- /dev/null +++ b/spec/internal/rails_8_0/Gemfile @@ -0,0 +1,14 @@ +# frozen_string_literal: true + +# Generated with: +# rails new -JABTCM --skip-keeps --skip-active-storage --skip-system-test --skip-bootsnap --skip-hotwire -d postgresql spec/internal/rails_8_0 +# Then modified to match the others + +source "https://rubygems.org" + +gem "mysql2" +gem "pg" +gem "rails", "~> 8.0.0" + + +gem 'safer_rails_console', path: '../../../' diff --git a/spec/internal/rails_8_0/README.md b/spec/internal/rails_8_0/README.md new file mode 100644 index 0000000..7db80e4 --- /dev/null +++ b/spec/internal/rails_8_0/README.md @@ -0,0 +1,24 @@ +# README + +This README would normally document whatever steps are necessary to get the +application up and running. + +Things you may want to cover: + +* Ruby version + +* System dependencies + +* Configuration + +* Database creation + +* Database initialization + +* How to run the test suite + +* Services (job queues, cache servers, search engines, etc.) + +* Deployment instructions + +* ... diff --git a/spec/internal/rails_8_0/Rakefile b/spec/internal/rails_8_0/Rakefile new file mode 100644 index 0000000..9a5ea73 --- /dev/null +++ b/spec/internal/rails_8_0/Rakefile @@ -0,0 +1,6 @@ +# Add your own tasks in files placed in lib/tasks ending in .rake, +# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake. + +require_relative "config/application" + +Rails.application.load_tasks diff --git a/spec/internal/rails_8_0/app/assets/stylesheets/application.css b/spec/internal/rails_8_0/app/assets/stylesheets/application.css new file mode 100644 index 0000000..dcd7273 --- /dev/null 
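Review bot: This Dockerfile does not look buildable from the fixture as committed. `COPY Gemfile Gemfile.lock ./` expects a lockfile that is not added in the visible part of this commit, the fixture Gemfile pulls `safer_rails_console` from `path: '../../../'`, which lies outside the build context, and `CMD` starts `./bin/thrust`, which loads a `thruster` gem the Gemfile does not list. It is therefore unused scaffolding that still describes itself as "designed for production" and documents passing `RAILS_MASTER_KEY` on the `docker run` command line. I would drop it together with `.dockerignore`, `bin/docker-entrypoint` and `bin/thrust` from `spec/internal/rails_8_0`, so the spec app carries only what the specs load. `rails new` has a `--skip-docker` option that should avoid generating the Docker files; check it against the flags recorded in the fixture Gemfile header.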
+++ b/spec/internal/rails_8_0/app/assets/stylesheets/application.css @@ -0,0 +1 @@ +/* Application styles */ diff --git a/spec/internal/rails_8_0/app/controllers/application_controller.rb b/spec/internal/rails_8_0/app/controllers/application_controller.rb new file mode 100644 index 0000000..0d95db2 --- /dev/null +++ b/spec/internal/rails_8_0/app/controllers/application_controller.rb @@ -0,0 +1,4 @@ +class ApplicationController < ActionController::Base + # Only allow modern browsers supporting webp images, web push, badges, import maps, CSS nesting, and CSS :has. + allow_browser versions: :modern +end diff --git a/spec/internal/rails_8_0/app/helpers/application_helper.rb b/spec/internal/rails_8_0/app/helpers/application_helper.rb new file mode 100644 index 0000000..de6be79 --- /dev/null +++ b/spec/internal/rails_8_0/app/helpers/application_helper.rb @@ -0,0 +1,2 @@ +module ApplicationHelper +end diff --git a/spec/internal/rails_8_0/app/jobs/application_job.rb b/spec/internal/rails_8_0/app/jobs/application_job.rb new file mode 100644 index 0000000..d394c3d --- /dev/null +++ b/spec/internal/rails_8_0/app/jobs/application_job.rb @@ -0,0 +1,7 @@ +class ApplicationJob < ActiveJob::Base + # Automatically retry jobs that encountered a deadlock + # retry_on ActiveRecord::Deadlocked + + # Most jobs are safe to ignore if the underlying records are no longer available + # discard_on ActiveJob::DeserializationError +end diff --git a/spec/internal/rails_8_0/app/models/application_record.rb b/spec/internal/rails_8_0/app/models/application_record.rb new file mode 100644 index 0000000..b63caeb --- /dev/null +++ b/spec/internal/rails_8_0/app/models/application_record.rb @@ -0,0 +1,3 @@ +class ApplicationRecord < ActiveRecord::Base + primary_abstract_class +end diff --git a/spec/internal/rails_8_0/app/models/model.rb b/spec/internal/rails_8_0/app/models/model.rb new file mode 100644 index 0000000..45a1b4c --- /dev/null +++ b/spec/internal/rails_8_0/app/models/model.rb 
@@ -0,0 +1,4 @@ +# frozen_string_literal: true + +class Model < ApplicationRecord +end diff --git a/spec/internal/rails_8_0/app/views/layouts/application.html.erb b/spec/internal/rails_8_0/app/views/layouts/application.html.erb new file mode 100644 index 0000000..63317ea --- /dev/null +++ b/spec/internal/rails_8_0/app/views/layouts/application.html.erb @@ -0,0 +1,27 @@ + + + + <%= content_for(:title) || "Rails 8 0" %> + + + + <%= csrf_meta_tags %> + <%= csp_meta_tag %> + + <%= yield :head %> + + <%# Enable PWA manifest for installable apps (make sure to enable in config/routes.rb too!) %> + <%#= tag.link rel: "manifest", href: pwa_manifest_path(format: :json) %> + + + + + + <%# Includes all stylesheet files in app/assets/stylesheets %> + <%= stylesheet_link_tag "application" %> + + + + <%= yield %> + + diff --git a/spec/internal/rails_8_0/app/views/pwa/manifest.json.erb b/spec/internal/rails_8_0/app/views/pwa/manifest.json.erb new file mode 100644 index 0000000..7416da1 --- /dev/null +++ b/spec/internal/rails_8_0/app/views/pwa/manifest.json.erb @@ -0,0 +1,22 @@ +{ + "name": "Rails80", + "icons": [ + { + "src": "/icon.png", + "type": "image/png", + "sizes": "512x512" + }, + { + "src": "/icon.png", + "type": "image/png", + "sizes": "512x512", + "purpose": "maskable" + } + ], + "start_url": "/", + "display": "standalone", + "scope": "/", + "description": "Rails80.", + "theme_color": "red", + "background_color": "red" +} diff --git a/spec/internal/rails_8_0/app/views/pwa/service-worker.js b/spec/internal/rails_8_0/app/views/pwa/service-worker.js new file mode 100644 index 0000000..b3a13fb --- /dev/null +++ b/spec/internal/rails_8_0/app/views/pwa/service-worker.js 
@@ -0,0 +1,26 @@ +// Add a service worker for processing Web Push notifications: +// +// self.addEventListener("push", async (event) => { +// const { title, options } = await event.data.json() +// event.waitUntil(self.registration.showNotification(title, options)) +// }) +// +// self.addEventListener("notificationclick", function(event) { +// event.notification.close() +// event.waitUntil( +// clients.matchAll({ type: "window" }).then((clientList) => { +// for (let i = 0; i < clientList.length; i++) { +// let client = clientList[i] +// let clientPath = (new URL(client.url)).pathname +// +// if (clientPath == event.notification.data.path && "focus" in client) { +// return client.focus() +// } +// } +// +// if (clients.openWindow) { +// return clients.openWindow(event.notification.data.path) +// } +// }) +// ) +// }) diff --git a/spec/internal/rails_8_0/bin/docker-entrypoint b/spec/internal/rails_8_0/bin/docker-entrypoint new file mode 100755 index 0000000..57567d6 --- /dev/null +++ b/spec/internal/rails_8_0/bin/docker-entrypoint @@ -0,0 +1,14 @@ +#!/bin/bash -e + +# Enable jemalloc for reduced memory usage and latency. +if [ -z "${LD_PRELOAD+x}" ]; then + LD_PRELOAD=$(find /usr/lib -name libjemalloc.so.2 -print -quit) + export LD_PRELOAD +fi + +# If running the rails server then create or migrate existing database +if [ "${@: -2:1}" == "./bin/rails" ] && [ "${@: -1:1}" == "server" ]; then + ./bin/rails db:prepare +fi + +exec "${@}" diff --git a/spec/internal/rails_8_0/bin/rails b/spec/internal/rails_8_0/bin/rails new file mode 100755 index 0000000..efc0377 --- /dev/null +++ b/spec/internal/rails_8_0/bin/rails @@ -0,0 +1,4 @@ +#!/usr/bin/env ruby +APP_PATH = File.expand_path("../config/application", __dir__) +require_relative "../config/boot" +require "rails/commands" diff --git a/spec/internal/rails_8_0/bin/rake b/spec/internal/rails_8_0/bin/rake new file mode 100755 index 0000000..4fbf10b --- /dev/null +++ b/spec/internal/rails_8_0/bin/rake 
@@ -0,0 +1,4 @@ +#!/usr/bin/env ruby +require_relative "../config/boot" +require "rake" +Rake.application.run diff --git a/spec/internal/rails_8_0/bin/setup b/spec/internal/rails_8_0/bin/setup new file mode 100755 index 0000000..be3db3c --- /dev/null +++ b/spec/internal/rails_8_0/bin/setup @@ -0,0 +1,34 @@ +#!/usr/bin/env ruby +require "fileutils" + +APP_ROOT = File.expand_path("..", __dir__) + +def system!(*args) + system(*args, exception: true) +end + +FileUtils.chdir APP_ROOT do + # This script is a way to set up or update your development environment automatically. + # This script is idempotent, so that you can run it at any time and get an expectable outcome. + # Add necessary setup steps to this file. + + puts "== Installing dependencies ==" + system("bundle check") || system!("bundle install") + + # puts "\n== Copying sample files ==" + # unless File.exist?("config/database.yml") + # FileUtils.cp "config/database.yml.sample", "config/database.yml" + # end + + puts "\n== Preparing database ==" + system! "bin/rails db:prepare" + + puts "\n== Removing old logs and tempfiles ==" + system! "bin/rails log:clear tmp:clear" + + unless ARGV.include?("--skip-server") + puts "\n== Starting development server ==" + STDOUT.flush # flush the output before exec(2) so that it displays + exec "bin/dev" + end +end diff --git a/spec/internal/rails_8_0/bin/thrust b/spec/internal/rails_8_0/bin/thrust new file mode 100644 index 0000000..36bde2d --- /dev/null +++ b/spec/internal/rails_8_0/bin/thrust @@ -0,0 +1,5 @@ +#!/usr/bin/env ruby +require "rubygems" +require "bundler/setup" + +load Gem.bin_path("thruster", "thrust") diff --git a/spec/internal/rails_8_0/config.ru b/spec/internal/rails_8_0/config.ru new file mode 100644 index 0000000..4a3c09a --- /dev/null +++ b/spec/internal/rails_8_0/config.ru @@ -0,0 +1,6 @@ +# This file is used by Rack-based servers to start the application. + +require_relative "config/environment" + +run Rails.application +Rails.application.load_server 
diff --git a/spec/internal/rails_8_0/config/application.rb b/spec/internal/rails_8_0/config/application.rb new file mode 100644 index 0000000..5c6e485 --- /dev/null +++ b/spec/internal/rails_8_0/config/application.rb @@ -0,0 +1,42 @@ +require_relative "boot" + +require "rails" +# Pick the frameworks you want: +require "active_model/railtie" +require "active_job/railtie" +require "active_record/railtie" +# require "active_storage/engine" +require "action_controller/railtie" +# require "action_mailer/railtie" +# require "action_mailbox/engine" +# require "action_text/engine" +require "action_view/railtie" +# require "action_cable/engine" +# require "rails/test_unit/railtie" + +# Require the gems listed in Gemfile, including any gems +# you've limited to :test, :development, or :production. +Bundler.require(*Rails.groups) + +module Rails80 + class Application < Rails::Application + # Initialize configuration defaults for originally generated Rails version. + config.load_defaults 8.0 + + # Please, add to the `ignore` list any other `lib` subdirectories that do + # not contain `.rb` files, or that should not be reloaded or eager loaded. + # Common ones are `templates`, `generators`, or `middleware`, for example. + config.autoload_lib(ignore: %w[assets tasks]) + + # Configuration for the application, engines, and railties goes here. + # + # These settings can be overridden in specific environments using the files + # in config/environments, which are processed later. + # + # config.time_zone = "Central Time (US & Canada)" + # config.eager_load_paths << Rails.root.join("extras") + + # Don't generate system test files. + config.generators.system_tests = nil + end +end diff --git a/spec/internal/rails_8_0/config/boot.rb b/spec/internal/rails_8_0/config/boot.rb new file mode 100644 index 0000000..a30b2c7 --- /dev/null +++ b/spec/internal/rails_8_0/config/boot.rb 
@@ -0,0 +1,5 @@ +ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__) + +require "bundler/setup" # Set up gems listed in the Gemfile. + +require "safer_rails_console/patches/boot" diff --git a/spec/internal/rails_8_0/config/credentials.yml.enc b/spec/internal/rails_8_0/config/credentials.yml.enc new file mode 100644 index 0000000..c03ae8e --- /dev/null +++ b/spec/internal/rails_8_0/config/credentials.yml.enc @@ -0,0 +1 @@ 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--qQ4QdWYSWrod7D2y--NY38CuO1wvuic5IBahKAsQ== \ No newline at end of file diff --git a/spec/internal/rails_8_0/config/database.yml b/spec/internal/rails_8_0/config/database.yml new file mode 100644 index 0000000..612f2b5 --- /dev/null +++ b/spec/internal/rails_8_0/config/database.yml 
@@ -0,0 +1,49 @@ +# PostgreSQL. Versions 9.3 and up are supported. +# +# Install the pg driver: +# gem install pg +# On macOS with Homebrew: +# gem install pg -- --with-pg-config=/usr/local/bin/pg_config +# On Windows: +# gem install pg +# Choose the win32 build. +# Install PostgreSQL and put its /bin directory on your path. +# +# Configure Using Gemfile +# gem "pg" +# +default: &default + adapter: postgresql + encoding: unicode + # For details on connection pooling, see Rails configuration guide + # https://guides.rubyonrails.org/configuring.html#database-pooling + pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %> + timeout: 5000 + port: <%= ENV['DB_PORT'] || 5432 %> + host: <%= ENV['DB_HOST'] || 'localhost' %> + username: <%= ENV['DB_USER'] %> + password: <%= ENV['DB_PASSWORD'] %> + +mysql2: &mysql2 + adapter: mysql2 + timeout: 5000 + port: <%= ENV['MYSQL_DB_PORT'] || 3306 %> + host: <%= ENV['MYSQL_DB_HOST'] || '127.0.0.1' %> + username: <%= ENV['MYSQL_DB_USER'] || 'root' %> + password: <%= ENV['MYSQL_DB_PASSWORD'] %> + +development: + <<: *default + database: safer_rails_console_development + +development-mysql2: + <<: *mysql2 + database: safer_rails_console_development + +test: + <<: *default + database: safer_rails_console_test + +production: + <<: *default + database: safer_rails_console_production diff --git a/spec/internal/rails_8_0/config/environment.rb b/spec/internal/rails_8_0/config/environment.rb new file mode 100644 index 0000000..cac5315 --- /dev/null +++ b/spec/internal/rails_8_0/config/environment.rb @@ -0,0 +1,5 @@ +# Load the Rails application. +require_relative "application" + +# Initialize the Rails application. +Rails.application.initialize! diff --git a/spec/internal/rails_8_0/config/environments/development.rb b/spec/internal/rails_8_0/config/environments/development.rb new file mode 100644 index 0000000..5ae5022 --- /dev/null +++ b/spec/internal/rails_8_0/config/environments/development.rb 
@@ -0,0 +1,57 @@ +require "active_support/core_ext/integer/time" + +Rails.application.configure do + # Settings specified here will take precedence over those in config/application.rb. + + # Make code changes take effect immediately without server restart. + config.enable_reloading = true + + # Do not eager load code on boot. + config.eager_load = false + + # Show full error reports. + config.consider_all_requests_local = true + + # Enable server timing. + config.server_timing = true + + # Enable/disable Action Controller caching. By default Action Controller caching is disabled. + # Run rails dev:cache to toggle Action Controller caching. + if Rails.root.join("tmp/caching-dev.txt").exist? + config.action_controller.perform_caching = true + config.action_controller.enable_fragment_cache_logging = true + config.public_file_server.headers = { "cache-control" => "public, max-age=#{2.days.to_i}" } + else + config.action_controller.perform_caching = false + end + + # Change to :null_store to avoid any caching. + config.cache_store = :memory_store + + # Print deprecation notices to the Rails logger. + config.active_support.deprecation = :log + + # Raise an error on page load if there are pending migrations. + config.active_record.migration_error = :page_load + + # Highlight code that triggered database queries in logs. + config.active_record.verbose_query_logs = true + + # Append comments with runtime information tags to SQL queries in logs. + config.active_record.query_log_tags_enabled = true + + # Highlight code that enqueued background job in logs. + config.active_job.verbose_enqueue_logs = true + + # Raises error for missing translations. + # config.i18n.raise_on_missing_translations = true + + # Annotate rendered view with file names. + config.action_view.annotate_rendered_view_with_filenames = true + + # Raise error when a before_action's only/except options reference missing actions. 
+ config.action_controller.raise_on_missing_callback_actions = true + + # Apply autocorrection by RuboCop to files generated by `bin/rails generate`. + # config.generators.apply_rubocop_autocorrect_after_generate! +end diff --git a/spec/internal/rails_8_0/config/environments/production.rb b/spec/internal/rails_8_0/config/environments/production.rb new file mode 100644 index 0000000..c6e93c6 --- /dev/null +++ b/spec/internal/rails_8_0/config/environments/production.rb 
@@ -0,0 +1,70 @@ +require "active_support/core_ext/integer/time" + +Rails.application.configure do + # Settings specified here will take precedence over those in config/application.rb. + + # Code is not reloaded between requests. + config.enable_reloading = false + + # Eager load code on boot for better performance and memory savings (ignored by Rake tasks). + config.eager_load = true + + # Full error reports are disabled. + config.consider_all_requests_local = false + + # Turn on fragment caching in view templates. + config.action_controller.perform_caching = true + + # Cache assets for far-future expiry since they are all digest stamped. + config.public_file_server.headers = { "cache-control" => "public, max-age=#{1.year.to_i}" } + + # Enable serving of images, stylesheets, and JavaScripts from an asset server. + # config.asset_host = "http://assets.example.com" + + # Assume all access to the app is happening through a SSL-terminating reverse proxy. + config.assume_ssl = true + + # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. + config.force_ssl = true + + # Skip http-to-https redirect for the default health check endpoint. + # config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } } + + # Log to STDOUT with the current request id as a default log tag. + config.log_tags = [ :request_id ] + config.logger = ActiveSupport::TaggedLogging.logger(STDOUT) + + # Change to "debug" to log everything (including potentially personally-identifiable information!) + config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info") + + # Prevent health checks from clogging up the logs. + config.silence_healthcheck_path = "/up" + + # Don't log any deprecations. + config.active_support.report_deprecations = false + + # Replace the default in-process memory cache store with a durable alternative. 
+ # config.cache_store = :mem_cache_store + + # Replace the default in-process and non-durable queuing backend for Active Job. + # config.active_job.queue_adapter = :resque + + # Enable locale fallbacks for I18n (makes lookups for any locale fall back to + # the I18n.default_locale when a translation cannot be found). + config.i18n.fallbacks = true + + # Do not dump schema after migrations. + config.active_record.dump_schema_after_migration = false + + # Only use :id for inspections in production. + config.active_record.attributes_for_inspect = [ :id ] + + # Enable DNS rebinding protection and other `Host` header attacks. + # config.hosts = [ + # "example.com", # Allow requests from example.com + # /.*\.example\.com/ # Allow requests from subdomains like `www.example.com` + # ] + # + # Skip DNS rebinding protection for the default health check endpoint. + # config.host_authorization = { exclude: ->(request) { request.path == "/up" } } +end diff --git a/spec/internal/rails_8_0/config/environments/test.rb b/spec/internal/rails_8_0/config/environments/test.rb new file mode 100644 index 0000000..14bc29e --- /dev/null +++ b/spec/internal/rails_8_0/config/environments/test.rb 
@@ -0,0 +1,42 @@ +# The test environment is used exclusively to run your application's +# test suite. You never need to work with it otherwise. Remember that +# your test database is "scratch space" for the test suite and is wiped +# and recreated between test runs. Don't rely on the data there! + +Rails.application.configure do + # Settings specified here will take precedence over those in config/application.rb. + + # While tests run files are not watched, reloading is not necessary. + config.enable_reloading = false + + # Eager loading loads your entire application. When running a single test locally, + # this is usually not necessary, and can slow down your test suite. However, it's + # recommended that you enable it in continuous integration systems to ensure eager + # loading is working properly before deploying your code. + config.eager_load = ENV["CI"].present? + + # Configure public file server for tests with cache-control for performance. + config.public_file_server.headers = { "cache-control" => "public, max-age=3600" } + + # Show full error reports. + config.consider_all_requests_local = true + config.cache_store = :null_store + + # Render exception templates for rescuable exceptions and raise for other exceptions. + config.action_dispatch.show_exceptions = :rescuable + + # Disable request forgery protection in test environment. + config.action_controller.allow_forgery_protection = false + + # Print deprecation notices to the stderr. + config.active_support.deprecation = :stderr + + # Raises error for missing translations. + # config.i18n.raise_on_missing_translations = true + + # Annotate rendered view with file names. + # config.action_view.annotate_rendered_view_with_filenames = true + + # Raise error when a before_action's only/except options reference missing actions. + config.action_controller.raise_on_missing_callback_actions = true +end 
diff --git a/spec/internal/rails_8_0/config/initializers/content_security_policy.rb b/spec/internal/rails_8_0/config/initializers/content_security_policy.rb new file mode 100644 index 0000000..b3076b3 --- /dev/null +++ b/spec/internal/rails_8_0/config/initializers/content_security_policy.rb @@ -0,0 +1,25 @@ +# Be sure to restart your server when you modify this file. + +# Define an application-wide content security policy. +# See the Securing Rails Applications Guide for more information: +# https://guides.rubyonrails.org/security.html#content-security-policy-header + +# Rails.application.configure do +# config.content_security_policy do |policy| +# policy.default_src :self, :https +# policy.font_src :self, :https, :data +# policy.img_src :self, :https, :data +# policy.object_src :none +# policy.script_src :self, :https +# policy.style_src :self, :https +# # Specify URI for violation reports +# # policy.report_uri "/csp-violation-report-endpoint" +# end +# +# # Generate session nonces for permitted importmap, inline scripts, and inline styles. +# config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s } +# config.content_security_policy_nonce_directives = %w(script-src style-src) +# +# # Report violations without enforcing the policy. +# # config.content_security_policy_report_only = true +# end diff --git a/spec/internal/rails_8_0/config/initializers/filter_parameter_logging.rb b/spec/internal/rails_8_0/config/initializers/filter_parameter_logging.rb new file mode 100644 index 0000000..c0b717f --- /dev/null +++ b/spec/internal/rails_8_0/config/initializers/filter_parameter_logging.rb 
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure parameters to be partially matched (e.g. passw matches password) and filtered from the log file.
+# Use this to limit dissemination of sensitive information.
+# See the ActiveSupport::ParameterFilter documentation for supported notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :email, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn, :cvv, :cvc
+]
diff --git a/spec/internal/rails_8_0/config/initializers/inflections.rb b/spec/internal/rails_8_0/config/initializers/inflections.rb
new file mode 100644
index 0000000..3860f65
--- /dev/null
+++ b/spec/internal/rails_8_0/config/initializers/inflections.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
+# inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+# inflect.acronym "RESTful"
+# end
diff --git a/spec/internal/rails_8_0/config/locales/en.yml b/spec/internal/rails_8_0/config/locales/en.yml
new file mode 100644
index 0000000..6c349ae
--- /dev/null
+++ b/spec/internal/rails_8_0/config/locales/en.yml
@@ -0,0 +1,31 @@
+# Files in the config/locales directory are used for internationalization and
+# are automatically loaded by Rails. If you want to use locales other than
+# English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t "hello"
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t("hello") %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# To learn more about the API, please read the Rails Internationalization guide
+# at https://guides.rubyonrails.org/i18n.html.
+#
+# Be aware that YAML interprets the following case-insensitive strings as
+# booleans: `true`, `false`, `on`, `off`, `yes`, `no`. Therefore, these strings
+# must be quoted to be interpreted as strings. For example:
+#
+# en:
+# "yes": yup
+# enabled: "ON"
+
+en:
+ hello: "Hello world"
diff --git a/spec/internal/rails_8_0/config/puma.rb b/spec/internal/rails_8_0/config/puma.rb
new file mode 100644
index 0000000..a248513
--- /dev/null
+++ b/spec/internal/rails_8_0/config/puma.rb
@@ -0,0 +1,41 @@
+# This configuration file will be evaluated by Puma. The top-level methods that
+# are invoked here are part of Puma's configuration DSL. For more information
+# about methods provided by the DSL, see https://puma.io/puma/Puma/DSL.html.
+#
+# Puma starts a configurable number of processes (workers) and each process
+# serves each request in a thread from an internal thread pool.
+#
+# You can control the number of workers using ENV["WEB_CONCURRENCY"]. You
+# should only set this value when you want to run 2 or more workers. The
+# default is already 1.
+#
+# The ideal number of threads per worker depends both on how much time the
+# application spends waiting for IO operations and on how much you wish to
+# prioritize throughput over latency.
+#
+# As a rule of thumb, increasing the number of threads will increase how much
+# traffic a given process can handle (throughput), but due to CRuby's
+# Global VM Lock (GVL) it has diminishing returns and will degrade the
+# response time (latency) of the application.
+#
+# The default is set to 3 threads as it's deemed a decent compromise between
+# throughput and latency for the average Rails application.
+#
+# Any libraries that use a connection pool or another resource pool should
+# be configured to provide at least as many connections as the number of
+# threads. This includes Active Record's `pool` parameter in `database.yml`.
+threads_count = ENV.fetch("RAILS_MAX_THREADS", 3)
+threads threads_count, threads_count
+
+# Specifies the `port` that Puma will listen on to receive requests; default is 3000.
+port ENV.fetch("PORT", 3000)
+
+# Allow puma to be restarted by `bin/rails restart` command.
+plugin :tmp_restart
+
+# Run the Solid Queue supervisor inside of Puma for single-server deployments
+plugin :solid_queue if ENV["SOLID_QUEUE_IN_PUMA"]
+
+# Specify the PID file. Defaults to tmp/pids/server.pid in development.
+# In other environments, only set the PID file if requested.
+pidfile ENV["PIDFILE"] if ENV["PIDFILE"]
diff --git a/spec/internal/rails_8_0/config/routes.rb b/spec/internal/rails_8_0/config/routes.rb
new file mode 100644
index 0000000..48254e8
--- /dev/null
+++ b/spec/internal/rails_8_0/config/routes.rb
@@ -0,0 +1,14 @@
+Rails.application.routes.draw do
+ # Define your application routes per the DSL in https://guides.rubyonrails.org/routing.html
+
+ # Reveal health status on /up that returns 200 if the app boots with no exceptions, otherwise 500.
+ # Can be used by load balancers and uptime monitors to verify that the app is live.
+ get "up" => "rails/health#show", as: :rails_health_check
+
+ # Render dynamic PWA files from app/views/pwa/* (remember to link manifest in application.html.erb)
+ # get "manifest" => "rails/pwa#manifest", as: :pwa_manifest
+ # get "service-worker" => "rails/pwa#service_worker", as: :pwa_service_worker
+
+ # Defines the root path route ("/")
+ # root "posts#index"
+end
diff --git a/spec/internal/rails_8_0/db/schema.rb b/spec/internal/rails_8_0/db/schema.rb
new file mode 100644
index 0000000..79d14d6
--- /dev/null
+++ b/spec/internal/rails_8_0/db/schema.rb
@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+ActiveRecord::Schema.define do
+ create_table :models
+end
diff --git a/spec/internal/rails_8_0/db/seeds.rb b/spec/internal/rails_8_0/db/seeds.rb
new file mode 100644
index 0000000..4fbd6ed
--- /dev/null
+++ b/spec/internal/rails_8_0/db/seeds.rb
@@ -0,0 +1,9 @@
+# This file should ensure the existence of records required to run the application in every environment (production,
+# development, test). The code here should be idempotent so that it can be executed at any point in every environment.
+# The data can then be loaded with the bin/rails db:seed command (or created alongside the database with db:setup).
+#
+# Example:
+#
+# ["Action", "Comedy", "Drama", "Horror"].each do |genre_name|
+# MovieGenre.find_or_create_by!(name: genre_name)
+# end
diff --git a/spec/internal/rails_8_0/public/400.html b/spec/internal/rails_8_0/public/400.html new file mode 100644 index 0000000..282dbc8 --- /dev/null +++ b/spec/internal/rails_8_0/public/400.html @@ -0,0 +1,114 @@ + + + + + + + The server cannot process the request due to a client error (400 Bad Request) + + + + + + + + + + + + + +
+
+ +
+
+

The server cannot process the request due to a client error. Please check the request and try again. If you’re the application owner check the logs for more information.

+
+
+ + + + diff --git a/spec/internal/rails_8_0/public/404.html b/spec/internal/rails_8_0/public/404.html new file mode 100644 index 0000000..c0670bc --- /dev/null +++ b/spec/internal/rails_8_0/public/404.html @@ -0,0 +1,114 @@ + + + + + + + The page you were looking for doesn’t exist (404 Not found) + + + + + + + + + + + + + +
+
+ +
+
+

The page you were looking for doesn’t exist. You may have mistyped the address or the page may have moved. If you’re the application owner check the logs for more information.

+
+
+ + + + diff --git a/spec/internal/rails_8_0/public/406-unsupported-browser.html b/spec/internal/rails_8_0/public/406-unsupported-browser.html new file mode 100644 index 0000000..9532a9c --- /dev/null +++ b/spec/internal/rails_8_0/public/406-unsupported-browser.html @@ -0,0 +1,114 @@ + + + + + + + Your browser is not supported (406 Not Acceptable) + + + + + + + + + + + + + +
+
+ +
+
+

Your browser is not supported.
Please upgrade your browser to continue.

+
+
+ + + + diff --git a/spec/internal/rails_8_0/public/422.html b/spec/internal/rails_8_0/public/422.html new file mode 100644 index 0000000..8bcf060 --- /dev/null +++ b/spec/internal/rails_8_0/public/422.html @@ -0,0 +1,114 @@ + + + + + + + The change you wanted was rejected (422 Unprocessable Entity) + + + + + + + + + + + + + +
+
+ +
+
+

The change you wanted was rejected. Maybe you tried to change something you didn’t have access to. If you’re the application owner check the logs for more information.

+
+
+ + + + diff --git a/spec/internal/rails_8_0/public/500.html b/spec/internal/rails_8_0/public/500.html new file mode 100644 index 0000000..d77718c --- /dev/null +++ b/spec/internal/rails_8_0/public/500.html @@ -0,0 +1,114 @@ + + + + + + + We’re sorry, but something went wrong (500 Internal Server Error) + + + + + + + + + + + + + +
+
+ +
+
+

We’re sorry, but something went wrong.
If you’re the application owner check the logs for more information.

+
+
+ + + + diff --git a/spec/internal/rails_8_0/public/icon.png b/spec/internal/rails_8_0/public/icon.png new file mode 100644 index 0000000..c4c9dbf Binary files /dev/null and b/spec/internal/rails_8_0/public/icon.png differ diff --git a/spec/internal/rails_8_0/public/icon.svg b/spec/internal/rails_8_0/public/icon.svg new file mode 100644 index 0000000..04b34bf --- /dev/null +++ b/spec/internal/rails_8_0/public/icon.svg @@ -0,0 +1,3 @@ + + + diff --git a/spec/internal/rails_8_0/public/robots.txt b/spec/internal/rails_8_0/public/robots.txt new file mode 100644 index 0000000..c19f78a --- /dev/null +++ b/spec/internal/rails_8_0/public/robots.txt @@ -0,0 +1 @@ +# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file diff --git a/spec/safer_rails_console/rails_version_spec.rb b/spec/safer_rails_console/rails_version_spec.rb index d1589fc..d11fa13 100644 --- a/spec/safer_rails_console/rails_version_spec.rb +++ b/spec/safer_rails_console/rails_version_spec.rb @@ -16,6 +16,7 @@ it "responds correctly" do expect(described_class.supported?).to eq(false) expect(described_class.six_or_above?).to eq(false) + expect(described_class.eight_or_above?).to eq(false) end end @@ -25,6 +26,7 @@ it "responds correctly" do expect(described_class.supported?).to eq(true) expect(described_class.six_or_above?).to eq(true) + expect(described_class.eight_or_above?).to eq(false) end end @@ -43,6 +45,7 @@ it "responds correctly" do expect(described_class.supported?).to eq(true) expect(described_class.six_or_above?).to eq(true) + expect(described_class.eight_or_above?).to eq(false) end end @@ -52,6 +55,7 @@ it "responds correctly" do expect(described_class.supported?).to eq(true) expect(described_class.six_or_above?).to eq(true) + expect(described_class.eight_or_above?).to eq(false) end end 
@@ -61,6 +65,17 @@ it "responds correctly" do expect(described_class.supported?).to eq(true) expect(described_class.six_or_above?).to eq(true) + expect(described_class.eight_or_above?).to eq(false) + end + end + + describe "8.0" do + let(:rails_version) { '8.0.0' } + + it "responds correctly" do + expect(described_class.supported?).to eq(true) + expect(described_class.six_or_above?).to eq(true) + expect(described_class.eight_or_above?).to eq(true) end end end
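Review bot: The new `describe "8.0"` example pins `eight_or_above?` at the exact `8.0.0` release only, so the upper side of the boundary is checked with a single value and pre-release strings are not covered at all. Under `Gem::Version` ordering `8.0.0.rc1` sorts below `8.0.0`; if the predicate compares that way (its implementation is not part of this hunk), a release-candidate build would answer `false` while running Rails 8 internals, and whatever code branches on the predicate would take the pre-8 path. I would add one example with `let(:rails_version) { '8.0.0.rc1' }` and one with `let(:rails_version) { '8.1.0' }`, each asserting the intended `eight_or_above?` result, so the behaviour at the edge is written down rather than implied. The enclosing `describe` block opens above this hunk.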