[#46647] Bump Rails to 7.1

- Modified config files: - config/application.rb - config/environment.rb - config/environments/development.rb - config/environments/production.rb https://community.openproject.org/work_packages/46647
2026-06-13 19:20:00 +00:00 · 2023-04-03 16:31:39 +03:00
parent 7e1e091830
commit f67aee52f5
8 changed files with 207 additions and 104 deletions
@@ -39,7 +39,7 @@ gem 'activemodel-serializers-xml', '~> 1.0.1'
 gem 'activerecord-import', '~> 1.5.0'
 gem 'activerecord-session_store', '~> 2.1.0'
 gem 'ox'
-gem 'rails', '~> 7.0', '>= 7.0.3.1'
+gem 'rails', '~> 7.1.2'
 gem 'responders', '~> 3.0'

 gem 'ffi', '~> 1.15'
@@ -238,66 +238,71 @@ GEM
  remote: https://rubygems.org/
  specs:
    Ascii85 (1.1.0)
-    actioncable (7.0.8)
-      actionpack (= 7.0.8)
-      activesupport (= 7.0.8)
+    actioncable (7.1.3)
+      actionpack (= 7.1.3)
+      activesupport (= 7.1.3)
      nio4r (~> 2.0)
      websocket-driver (>= 0.6.1)
-    actionmailbox (7.0.8)
-      actionpack (= 7.0.8)
-      activejob (= 7.0.8)
-      activerecord (= 7.0.8)
-      activestorage (= 7.0.8)
-      activesupport (= 7.0.8)
+      zeitwerk (~> 2.6)
+    actionmailbox (7.1.3)
+      actionpack (= 7.1.3)
+      activejob (= 7.1.3)
+      activerecord (= 7.1.3)
+      activestorage (= 7.1.3)
+      activesupport (= 7.1.3)
      mail (>= 2.7.1)
      net-imap
      net-pop
      net-smtp
-    actionmailer (7.0.8)
-      actionpack (= 7.0.8)
-      actionview (= 7.0.8)
-      activejob (= 7.0.8)
-      activesupport (= 7.0.8)
+    actionmailer (7.1.3)
+      actionpack (= 7.1.3)
+      actionview (= 7.1.3)
+      activejob (= 7.1.3)
+      activesupport (= 7.1.3)
      mail (~> 2.5, >= 2.5.4)
      net-imap
      net-pop
      net-smtp
-      rails-dom-testing (~> 2.0)
-    actionpack (7.0.8)
-      actionview (= 7.0.8)
-      activesupport (= 7.0.8)
-      rack (~> 2.0, >= 2.2.4)
+      rails-dom-testing (~> 2.2)
+    actionpack (7.1.3)
+      actionview (= 7.1.3)
+      activesupport (= 7.1.3)
+      nokogiri (>= 1.8.5)
+      racc
+      rack (>= 2.2.4)
+      rack-session (>= 1.0.1)
      rack-test (>= 0.6.3)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.2.0)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
    actionpack-xml_parser (2.0.1)
      actionpack (>= 5.0)
      railties (>= 5.0)
-    actiontext (7.0.8)
-      actionpack (= 7.0.8)
-      activerecord (= 7.0.8)
-      activestorage (= 7.0.8)
-      activesupport (= 7.0.8)
+    actiontext (7.1.3)
+      actionpack (= 7.1.3)
+      activerecord (= 7.1.3)
+      activestorage (= 7.1.3)
+      activesupport (= 7.1.3)
      globalid (>= 0.6.0)
      nokogiri (>= 1.8.5)
-    actionview (7.0.8)
-      activesupport (= 7.0.8)
+    actionview (7.1.3)
+      activesupport (= 7.1.3)
      builder (~> 3.1)
-      erubi (~> 1.4)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (7.0.8)
-      activesupport (= 7.0.8)
+      erubi (~> 1.11)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+    activejob (7.1.3)
+      activesupport (= 7.1.3)
      globalid (>= 0.3.6)
-    activemodel (7.0.8)
-      activesupport (= 7.0.8)
+    activemodel (7.1.3)
+      activesupport (= 7.1.3)
    activemodel-serializers-xml (1.0.2)
      activemodel (> 5.x)
      activesupport (> 5.x)
      builder (~> 3.1)
-    activerecord (7.0.8)
-      activemodel (= 7.0.8)
-      activesupport (= 7.0.8)
+    activerecord (7.1.3)
+      activemodel (= 7.1.3)
+      activesupport (= 7.1.3)
+      timeout (>= 0.4.0)
    activerecord-import (1.5.1)
      activerecord (>= 4.2)
    activerecord-nulldb-adapter (1.0.1)
@@ -309,17 +314,21 @@ GEM
      multi_json (~> 1.11, >= 1.11.2)
      rack (>= 2.0.8, < 4)
      railties (>= 6.1)
-    activestorage (7.0.8)
-      actionpack (= 7.0.8)
-      activejob (= 7.0.8)
-      activerecord (= 7.0.8)
-      activesupport (= 7.0.8)
+    activestorage (7.1.3)
+      actionpack (= 7.1.3)
+      activejob (= 7.1.3)
+      activerecord (= 7.1.3)
+      activesupport (= 7.1.3)
      marcel (~> 1.0)
-      mini_mime (>= 1.1.0)
-    activesupport (7.0.8)
+    activesupport (7.1.3)
+      base64
+      bigdecimal
      concurrent-ruby (~> 1.0, >= 1.0.2)
+      connection_pool (>= 2.2.5)
+      drb
      i18n (>= 1.6, < 2)
      minitest (>= 5.1)
+      mutex_m
      tzinfo (~> 2.0)
    acts_as_list (1.1.0)
      activerecord (>= 4.2)
@@ -466,6 +475,8 @@ GEM
    dotenv-rails (2.8.1)
      dotenv (= 2.8.1)
      railties (>= 3.2)
+    drb (2.2.0)
+      ruby2_keywords
    dry-container (0.11.0)
      concurrent-ruby (~> 1.0)
    dry-core (1.0.1)
@@ -704,6 +715,7 @@ GEM
      ruby2_keywords (~> 0.0.1)
    mustermann-grape (1.0.2)
      mustermann (>= 1.0.0)
+    mutex_m (0.2.0)
    net-http (0.4.1)
      uri
    net-imap (0.4.9.1)
@@ -831,26 +843,31 @@ GEM
    rack-protection (3.2.0)
      base64 (>= 0.1.0)
      rack (~> 2.2, >= 2.2.4)
+    rack-session (1.0.2)
+      rack (< 3)
    rack-test (2.1.0)
      rack (>= 1.3)
    rack-timeout (0.6.3)
    rack_session_access (0.2.0)
      builder (>= 2.0.0)
      rack (>= 1.0.0)
-    rails (7.0.8)
-      actioncable (= 7.0.8)
-      actionmailbox (= 7.0.8)
-      actionmailer (= 7.0.8)
-      actionpack (= 7.0.8)
-      actiontext (= 7.0.8)
-      actionview (= 7.0.8)
-      activejob (= 7.0.8)
-      activemodel (= 7.0.8)
-      activerecord (= 7.0.8)
-      activestorage (= 7.0.8)
-      activesupport (= 7.0.8)
+    rackup (1.0.0)
+      rack (< 3)
+      webrick
+    rails (7.1.3)
+      actioncable (= 7.1.3)
+      actionmailbox (= 7.1.3)
+      actionmailer (= 7.1.3)
+      actionpack (= 7.1.3)
+      actiontext (= 7.1.3)
+      actionview (= 7.1.3)
+      activejob (= 7.1.3)
+      activemodel (= 7.1.3)
+      activerecord (= 7.1.3)
+      activestorage (= 7.1.3)
+      activesupport (= 7.1.3)
      bundler (>= 1.15.0)
-      railties (= 7.0.8)
+      railties (= 7.1.3)
    rails-controller-testing (1.0.5)
      actionpack (>= 5.0.1.rc1)
      actionview (>= 5.0.1.rc1)
@@ -865,13 +882,14 @@ GEM
    rails-i18n (7.0.8)
      i18n (>= 0.7, < 2)
      railties (>= 6.0.0, < 8)
-    railties (7.0.8)
-      actionpack (= 7.0.8)
-      activesupport (= 7.0.8)
-      method_source
+    railties (7.1.3)
+      actionpack (= 7.1.3)
+      activesupport (= 7.1.3)
+      irb
+      rackup (>= 1.0.0)
      rake (>= 12.2)
-      thor (~> 1.0)
-      zeitwerk (~> 2.5)
+      thor (~> 1.0, >= 1.2.2)
+      zeitwerk (~> 2.6)
    rainbow (3.1.1)
    rake (13.1.0)
    rb-fsevent (0.11.2)
@@ -1240,7 +1258,7 @@ DEPENDENCIES
  rack-test (~> 2.1.0)
  rack-timeout (~> 0.6.3)
  rack_session_access
-  rails (~> 7.0, >= 7.0.3.1)
+  rails (~> 7.1.2)
  rails-controller-testing (~> 1.0.2)
  rails-i18n (~> 7.0.0)
  rdoc (>= 2.4.2)
@@ -35,16 +35,9 @@ require 'core_extensions'
 require "view_component"
 require "primer/view_components/engine"

-# Silence deprecations early on for testing on CI and production
-ActiveSupport::Deprecation.silenced =
-  (Rails.env.production? && !ENV['OPENPROJECT_SHOW_DEPRECATIONS']) ||
-  (Rails.env.test? && ENV.fetch('CI', nil))
-
-if defined?(Bundler)
-  # Require the gems listed in Gemfile, including any gems
-  # you've limited to :test, :development, or :production.
-  Bundler.require(*Rails.groups(:opf_plugins))
-end
+# Require the gems listed in Gemfile, including any gems
+# you've limited to :test, :development, or :production.
+Bundler.require(*Rails.groups(:opf_plugins))

 require_relative '../lib_static/open_project/configuration'

@@ -54,7 +47,7 @@ module OpenProject
    # Application configuration should go into files in config/initializers
    # -- all .rb files in that directory are automatically loaded.

-    # Initialize configuration defaults for a Rails version.
+    # Initialize configuration defaults for originally generated Rails version.
    #
    # This includes defaults for versions prior to the target version. See the
    # configuration guide at
@@ -70,6 +63,17 @@ module OpenProject
    # Note that this warning can be removed in the 7.1 upgrade
    ActiveRecord.suppress_multiple_database_warning = true

+    # Please, add to the `ignore` list any other `lib` subdirectories that do
+    # not contain `.rb` files, or that should not be reloaded or eager loaded.
+    # Common ones are `templates`, `generators`, or `middleware`, for example.
+    config.autoload_lib(ignore: %w(assets tasks))
+
+    # Configuration for the application, engines, and railties goes here.
+    # These settings can be overridden in specific environments using the files
+    # in config/environments, which are processed later.
+    # config.time_zone = "Central Time (US & Canada)"
+    # config.eager_load_paths << Rails.root.join("extras")
+
    # Do not require `belongs_to` associations to be present by default.
    # Rails 5.0+ default is true. Because of history, lots of tests fail when
    # set to true.
@@ -114,7 +118,6 @@ module OpenProject
    config.middleware.use Rack::TempfileReaper

    # Custom directories with classes and modules you want to be autoloadable.
-    config.enable_dependency_loading = true
    config.paths.add Rails.root.join('lib').to_s, eager_load: true
    config.paths.add Rails.root.join('lib/constraints').to_s, eager_load: true

@@ -26,7 +26,8 @@
 # See COPYRIGHT and LICENSE files for more details.
 #++

+# Load the Rails application.
 require_relative 'application'

-# Load and initialize the Rails application.
+# Initialize the Rails application.
 OpenProject::Application.initialize!
@@ -26,13 +26,15 @@
 # See COPYRIGHT and LICENSE files for more details.
 #++

+require 'active_support/core_ext/integer/time'
+
 OpenProject::Application.configure do
  # Settings specified here will take precedence over those in config/application.rb.

-  # In the development environment your application's code is reloaded on
-  # every request. This slows down response time but is perfect for development
+  # In the development environment your application's code is reloaded any time
+  # it changes. This slows down response time but is perfect for development
  # since you don't have to restart the web server when you make code changes.
-  config.cache_classes = false
+  config.enable_reloading = true

  # Do not eager load code on boot by default.
  config.eager_load = ENV['EAGER_LOAD'].present?
@@ -40,14 +42,27 @@ OpenProject::Application.configure do
  # Asynchronous file watcher
  config.file_watcher = ActiveSupport::EventedFileUpdateChecker

-  # Store uploaded files on the local file system (see config/storage.yml for options)
-  config.active_storage.service = :local
-
  # Show full error reports
  config.consider_all_requests_local = true

-  # Enable caching in development
-  config.action_controller.perform_caching = true
+  # Enable server timing
+  config.server_timing = true
+
+  # Enable/disable caching. By default caching is disabled.
+  # Run rails dev:cache to toggle caching.
+  if Rails.root.join("tmp/caching-dev.txt").exist?
+    config.action_controller.perform_caching = true
+    config.action_controller.enable_fragment_cache_logging = true
+    config.cache_store = :memory_store
+    config.public_file_server.headers = {
+      "Cache-Control" => "public, max-age=#{2.days.to_i}"
+    }
+  else
+    config.cache_store = :null_store
+  end
+
+  # Store uploaded files on the local file system (see config/storage.yml for options).
+  config.active_storage.service = :local

  # Don't perform caching for Action Mailer in development
  config.action_mailer.perform_caching = false
@@ -58,21 +73,39 @@ OpenProject::Application.configure do
  # Print deprecation notices to the Rails logger.
  config.active_support.deprecation = :log

-  # Raise an error on page load if there are pending migrations
+  # Raise exceptions for disallowed deprecations.
+  config.active_support.disallowed_deprecation = :raise
+
+  # Tell Active Support which deprecation messages to disallow.
+  config.active_support.disallowed_deprecation_warnings = []
+
+  # Raise an error on page load if there are pending migrations.
  config.active_record.migration_error = :page_load

  # Highlight code that triggered database queries in logs.
  config.active_record.verbose_query_logs = true

+  # Highlight code that enqueued background job in logs.
+  config.active_job.verbose_enqueue_logs = true
+
  # Disable compression and asset digests, but disable debug
  config.assets.debug = false
  config.assets.digest = false

-  # Suppress asset output
+  # Suppress logger output for asset requests.
  config.assets.quiet = true unless config.log_level == :debug

-  # Raises error for missing translations
-  # config.action_view.raise_on_missing_translations = true
+  # Raises error for missing translations.
+  # config.i18n.raise_on_missing_translations = true
+
+  # Annotate rendered view with file names
+  # config.action_view.annotate_rendered_view_with_filenames = true
+
+  # Uncomment if you wish to allow Action Cable access from any origin.
+  # config.action_cable.disable_request_forgery_protection = true
+
+  # Raise error when a before_action's only/except options reference missing actions
+  config.action_controller.raise_on_missing_callback_actions = true

  # Send mails to browser window
  config.action_mailer.delivery_method = :letter_opener
@@ -26,16 +26,18 @@
 # See COPYRIGHT and LICENSE files for more details.
 #++

+require 'active_support/core_ext/integer/time'
+
 OpenProject::Application.configure do
  # Settings specified here will take precedence over those in config/application.rb.

  # Code is not reloaded between requests.
-  config.cache_classes = true
+  config.enable_reloading = false

  # Eager load code on boot. This eager loads most of Rails and
-  # your application in memory, allowing both thread web servers
+  # your application in memory, allowing both threaded web servers
  # and those relying on copy on write to perform better.
-  #
+
  # Rake tasks automatically ignore this option for performance.
  # We force some rake tasks to use eager_load through enhancing with environment:eager_load
  # DISABLE those when you change this setting!
@@ -45,22 +47,24 @@ OpenProject::Application.configure do
  config.consider_all_requests_local       = false
  config.action_controller.perform_caching = true

-  # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
-  # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+  # Ensures that a master key has been made available in ENV["RAILS_MASTER_KEY"], config/master.key, or an environment
+  # key such as config/credentials/production.key. This key is used to decrypt credentials (and other encrypted files).
  # config.require_master_key = true

  # Enable Rails's static asset server when requested
-  # Disable serving static files from the `/public` folder by default since
-  # Apache or NGINX already handles this.
+  # Disable serving static files from `public/`, relying on NGINX/Apache to do so instead.
  config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?

-  # Compress JavaScripts and CSS.
+  # Compress JavaScripts and CSS using a preprocessor.
  config.assets.js_compressor = nil
  # config.assets.css_compressor = :sass

  # Do not fallback to assets pipeline if a precompiled asset is missed.
  config.assets.compile = false

+  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+  # config.asset_host = "http://assets.example.com"
+
  # Generate digests for assets URLs.
  config.assets.digest = true

@@ -68,12 +72,21 @@ OpenProject::Application.configure do
  config.assets.version = '1.0'

  # Specifies the header that your server uses for sending files.
-  # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
-  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
+  # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX

-  # Store uploaded files on the local file system (see config/storage.yml for options)
+  # Store uploaded files on the local file system (see config/storage.yml for options).
  # config.active_storage.service = :local

+  # Mount Action Cable outside main process or domain.
+  # config.action_cable.mount_path = nil
+  # config.action_cable.url = "wss://example.com/cable"
+  # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
+
+  # Assume all access to the app is happening through a SSL-terminating reverse proxy.
+  # Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies.
+  # config.assume_ssl = true
+
  # When https is configured, Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
  # Allow disabling HSTS redirect by using OPENPROJECT_HSTS=false
  config.force_ssl = OpenProject::Configuration.https?
@@ -100,31 +113,55 @@ OpenProject::Application.configure do
    secure_cookies: OpenProject::Configuration.https?
  }

+  # Info include generic and useful information about system operation, but avoids logging too much
+  # information to avoid inadvertent exposure of personally identifiable information (PII). If you
+  # want to log everything, set the level to "debug".
+  # config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info")
+
  # Set to :debug to see everything in the log.
  config.log_level = OpenProject::Configuration['log_level'].to_sym

  config.assets.quiet = true unless config.log_level == :debug

+  # Log to STDOUT by default
+  config.logger = ActiveSupport::Logger.new($stdout)
+    .tap  { |logger| logger.formatter = Logger::Formatter.new }
+    .then { |logger| ActiveSupport::TaggedLogging.new(logger) }
+
+  # Prepend all log lines with the following tags.
+  config.log_tags = [:request_id]
+
  # Use a different logger for distributed setups.
  # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)

  # Use a different cache store in production.
  # config.cache_store = :mem_cache_store

+  # Use a real queuing backend for Active Job (and separate queues per environment).
+  # config.active_job.queue_adapter = :resque
+  # config.active_job.queue_name_prefix = "open_project_production"
+
+  config.action_mailer.perform_caching = false
+
  # Ignore bad email addresses and do not raise email delivery errors.
  # Set this to true and configure the email server for immediate delivery to raise delivery errors.
  # config.action_mailer.raise_delivery_errors = false

  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
-  # the I18n.default_locale when a translation can not be found).
+  # the I18n.default_locale when a translation cannot be found).
  config.i18n.fallbacks = true

+  # Don't log any deprecations.
+  config.active_support.report_deprecations = ENV.fetch('OPENPROJECT_SHOW_DEPRECATIONS', nil)
+  deprecators.silenced = !ENV.fetch('OPENPROJECT_SHOW_DEPRECATIONS', nil)
+
  # Send deprecation notices to registered listeners.
  config.active_support.deprecation = :notify

  # Disable automatic flushing of the log to improve performance.
  config.autoflush_log = false

+  # Do not dump schema after migrations.
  config.active_record.dump_schema_after_migration = false

  # Silence the following warning
@@ -141,4 +178,12 @@ OpenProject::Application.configure do
      'Expires' => 1.year.from_now.to_fs(:rfc822).to_s
    }
  end
+
+  # Enable DNS rebinding protection and other `Host` header attacks.
+  # config.hosts = [
+  #   "example.com",     # Allow requests from example.com
+  #   /.*\.example\.com/ # Allow requests from subdomains like `www.example.com`
+  # ]
+  # Skip DNS rebinding protection for the default health check endpoint.
+  # config.host_authorization = { exclude: ->(request) { request.path == "/up" } }
 end
@@ -67,6 +67,9 @@ OpenProject::Application.configure do
  # ActionMailer::Base.deliveries array.
  config.action_mailer.delivery_method = :test

+  # Silence deprecations early on for testing on CI
+  deprecators.silenced = ENV['CI'].present?
+
  # Print deprecation notices to the stderr.
  config.active_support.deprecation =
    if ENV['CI']
@@ -41,6 +41,6 @@ module OpenProject::Patches::MailerControllerCsp
  end
 end

-OpenProject::Patches.patch_gem_version 'rails', '7.0.8' do
+OpenProject::Patches.patch_gem_version 'rails', '7.1.2' do
  Rails::MailersController.include OpenProject::Patches::MailerControllerCsp
 end