source "https://rubygems.org"
# Require rails
-gem "rails", "~> 7.2.0"
+gem "rails", "~> 8.0.0"
gem "turbo-rails"
# Require json for multi_json
gem "i18n-js", "~> 4.2.3"
gem "openstreetmap-deadlock_retry", ">= 1.3.1", :require => "deadlock_retry"
gem "rack-cors"
-gem "rails-i18n", "~> 7.0.0"
+gem "rails-i18n", "~> 8.0.0"
gem "rails_param"
gem "rinku", ">= 2.0.6", :require => "rails_rinku"
gem "strong_migrations", "< 2.0.0"
specs:
aasm (5.5.0)
concurrent-ruby (~> 1.0)
- actioncable (7.2.2.1)
- actionpack (= 7.2.2.1)
- activesupport (= 7.2.2.1)
+ actioncable (8.0.2)
+ actionpack (= 8.0.2)
+ activesupport (= 8.0.2)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
zeitwerk (~> 2.6)
- actionmailbox (7.2.2.1)
- actionpack (= 7.2.2.1)
- activejob (= 7.2.2.1)
- activerecord (= 7.2.2.1)
- activestorage (= 7.2.2.1)
- activesupport (= 7.2.2.1)
+ actionmailbox (8.0.2)
+ actionpack (= 8.0.2)
+ activejob (= 8.0.2)
+ activerecord (= 8.0.2)
+ activestorage (= 8.0.2)
+ activesupport (= 8.0.2)
mail (>= 2.8.0)
- actionmailer (7.2.2.1)
- actionpack (= 7.2.2.1)
- actionview (= 7.2.2.1)
- activejob (= 7.2.2.1)
- activesupport (= 7.2.2.1)
+ actionmailer (8.0.2)
+ actionpack (= 8.0.2)
+ actionview (= 8.0.2)
+ activejob (= 8.0.2)
+ activesupport (= 8.0.2)
mail (>= 2.8.0)
rails-dom-testing (~> 2.2)
- actionpack (7.2.2.1)
- actionview (= 7.2.2.1)
- activesupport (= 7.2.2.1)
+ actionpack (8.0.2)
+ actionview (= 8.0.2)
+ activesupport (= 8.0.2)
nokogiri (>= 1.8.5)
- racc
- rack (>= 2.2.4, < 3.2)
+ rack (>= 2.2.4)
rack-session (>= 1.0.1)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.2)
useragent (~> 0.16)
actionpack-page_caching (1.2.4)
actionpack (>= 4.0.0)
- actiontext (7.2.2.1)
- actionpack (= 7.2.2.1)
- activerecord (= 7.2.2.1)
- activestorage (= 7.2.2.1)
- activesupport (= 7.2.2.1)
+ actiontext (8.0.2)
+ actionpack (= 8.0.2)
+ activerecord (= 8.0.2)
+ activestorage (= 8.0.2)
+ activesupport (= 8.0.2)
globalid (>= 0.6.0)
nokogiri (>= 1.8.5)
- actionview (7.2.2.1)
- activesupport (= 7.2.2.1)
+ actionview (8.0.2)
+ activesupport (= 8.0.2)
builder (~> 3.1)
erubi (~> 1.11)
rails-dom-testing (~> 2.2)
rails-html-sanitizer (~> 1.6)
active_record_union (1.3.0)
activerecord (>= 4.0)
- activejob (7.2.2.1)
- activesupport (= 7.2.2.1)
+ activejob (8.0.2)
+ activesupport (= 8.0.2)
globalid (>= 0.3.6)
- activemodel (7.2.2.1)
- activesupport (= 7.2.2.1)
- activerecord (7.2.2.1)
- activemodel (= 7.2.2.1)
- activesupport (= 7.2.2.1)
+ activemodel (8.0.2)
+ activesupport (= 8.0.2)
+ activerecord (8.0.2)
+ activemodel (= 8.0.2)
+ activesupport (= 8.0.2)
timeout (>= 0.4.0)
activerecord-import (2.1.0)
activerecord (>= 4.2)
- activestorage (7.2.2.1)
- actionpack (= 7.2.2.1)
- activejob (= 7.2.2.1)
- activerecord (= 7.2.2.1)
- activesupport (= 7.2.2.1)
+ activestorage (8.0.2)
+ actionpack (= 8.0.2)
+ activejob (= 8.0.2)
+ activerecord (= 8.0.2)
+ activesupport (= 8.0.2)
marcel (~> 1.0)
- activesupport (7.2.2.1)
+ activesupport (8.0.2)
base64
benchmark (>= 0.3)
bigdecimal
minitest (>= 5.1)
securerandom (>= 0.3)
tzinfo (~> 2.0, >= 2.0.5)
+ uri (>= 0.13.1)
addressable (2.8.7)
public_suffix (>= 2.0.2, < 7.0)
annotaterb (4.14.0)
net-smtp (0.5.1)
net-protocol
nio4r (2.7.4)
- nokogiri (1.18.4)
+ nokogiri (1.18.5)
mini_portile2 (~> 2.8.2)
racc (~> 1.4)
oauth (1.1.0)
rackup (1.0.1)
rack (< 3)
webrick
- rails (7.2.2.1)
- actioncable (= 7.2.2.1)
- actionmailbox (= 7.2.2.1)
- actionmailer (= 7.2.2.1)
- actionpack (= 7.2.2.1)
- actiontext (= 7.2.2.1)
- actionview (= 7.2.2.1)
- activejob (= 7.2.2.1)
- activemodel (= 7.2.2.1)
- activerecord (= 7.2.2.1)
- activestorage (= 7.2.2.1)
- activesupport (= 7.2.2.1)
+ rails (8.0.2)
+ actioncable (= 8.0.2)
+ actionmailbox (= 8.0.2)
+ actionmailer (= 8.0.2)
+ actionpack (= 8.0.2)
+ actiontext (= 8.0.2)
+ actionview (= 8.0.2)
+ activejob (= 8.0.2)
+ activemodel (= 8.0.2)
+ activerecord (= 8.0.2)
+ activestorage (= 8.0.2)
+ activesupport (= 8.0.2)
bundler (>= 1.15.0)
- railties (= 7.2.2.1)
+ railties (= 8.0.2)
rails-controller-testing (1.0.5)
actionpack (>= 5.0.1.rc1)
actionview (>= 5.0.1.rc1)
rails-html-sanitizer (1.6.2)
loofah (~> 2.21)
nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
- rails-i18n (7.0.10)
+ rails-i18n (8.0.1)
i18n (>= 0.7, < 2)
- railties (>= 6.0.0, < 8)
+ railties (>= 8.0.0, < 9)
rails_param (1.3.1)
actionpack (>= 3.2.0)
activesupport (>= 3.2.0)
- railties (7.2.2.1)
- actionpack (= 7.2.2.1)
- activesupport (= 7.2.2.1)
+ railties (8.0.2)
+ actionpack (= 8.0.2)
+ activesupport (= 8.0.2)
irb (~> 1.13)
rackup (>= 1.0.0)
rake (>= 12.2)
quad_tile (~> 1.0.1)
rack-cors
rack-uri_sanitizer
- rails (~> 7.2.0)
+ rails (~> 8.0.0)
rails-controller-testing
- rails-i18n (~> 7.0.0)
+ rails-i18n (~> 8.0.0)
rails_param
rinku (>= 2.0.6)
rotp
--- /dev/null
+#!/usr/bin/env ruby
+exec "./bin/rails", "server", *ARGV
require "fileutils"
APP_ROOT = File.expand_path("..", __dir__)
-APP_NAME = "openstreetmap".freeze
def system!(*)
system(*, :exception => true)
# Add necessary setup steps to this file.
puts "== Installing dependencies =="
- system! "gem install bundler --conservative"
system("bundle check") || system!("bundle install")
# puts "\n== Copying sample files =="
puts "\n== Removing old logs and tempfiles =="
system! "bin/rails log:clear tmp:clear"
- puts "\n== Restarting application server =="
- system! "bin/rails restart"
-
- # puts "\n== Configuring puma-dev =="
- # system "ln -nfs #{APP_ROOT} ~/.puma-dev/#{APP_NAME}"
- # system "curl -Is https://#{APP_NAME}.test/up | head -n 1"
+ unless ARGV.include?("--skip-server")
+ puts "\n== Starting development server =="
+ $stdout.flush # flush the output before exec(2) so that it displays
+ exec "bin/dev"
+ end
end
--- /dev/null
+#!/usr/bin/env ruby
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("thruster", "thrust")
Rails.application.configure do
# Settings specified here will take precedence over those in config/application.rb.
- # In the development environment your application's code is reloaded any time
- # it changes. This slows down response time but is perfect for development
- # since you don't have to restart the web server when you make code changes.
+ # Make code changes take effect immediately without server restart.
config.enable_reloading = true
# Do not eager load code on boot.
# Enable server timing.
config.server_timing = true
- # Enable/disable caching. By default caching is disabled.
- # Run rails dev:cache to toggle caching.
+ # Enable/disable Action Controller caching. By default Action Controller caching is disabled.
+ # Run rails dev:cache to toggle Action Controller caching.
if Rails.root.join("tmp/caching-dev.txt").exist?
config.action_controller.perform_caching = true
config.action_controller.enable_fragment_cache_logging = true
-
- config.cache_store = :memory_store
- config.public_file_server.headers = { "Cache-Control" => "public, max-age=#{2.days.to_i}" }
+ config.public_file_server.headers = { "cache-control" => "public, max-age=#{2.days.to_i}" }
else
config.action_controller.perform_caching = false
-
- config.cache_store = :null_store
end
+ # Change to :null_store to avoid any caching.
+ config.cache_store = :memory_store
+
# Store uploaded files on the local file system (see config/storage.yml for options).
config.active_storage.service = :local
# Don't care if the mailer can't send.
config.action_mailer.raise_delivery_errors = false
- # Disable caching for Action Mailer templates even if Action Controller
- # caching is enabled.
+ # Make template changes take effect immediately.
config.action_mailer.perform_caching = false
+ # Set localhost to be used by links generated in mailer templates.
config.action_mailer.default_url_options = { :host => "localhost", :port => 3000 }
# Print deprecation notices to the Rails logger.
config.active_support.deprecation = :log
- # Raise exceptions for disallowed deprecations.
- config.active_support.disallowed_deprecation = :raise
-
- # Tell Active Support which deprecation messages to disallow.
- config.active_support.disallowed_deprecation_warnings = []
-
# Raise an error on page load if there are pending migrations.
config.active_record.migration_error = :page_load unless Settings.status == "database_offline"
# Highlight code that triggered database queries in logs.
config.active_record.verbose_query_logs = true unless Settings.status == "database_offline"
+ # Append comments with runtime information tags to SQL queries in logs.
+ config.active_record.query_log_tags_enabled = true
+
# Highlight code that enqueued background job in logs.
config.active_job.verbose_enqueue_logs = true
- # Suppress logger output for asset requests.
- config.assets.quiet = true
-
# Raises error for missing translations.
# config.i18n.raise_on_missing_translations = true
# Code is not reloaded between requests.
config.enable_reloading = false
- # Eager load code on boot. This eager loads most of Rails and
- # your application in memory, allowing both threaded web servers
- # and those relying on copy on write to perform better.
- # Rake tasks automatically ignore this option for performance.
+ # Eager load code on boot for better performance and memory savings (ignored by Rake tasks).
config.eager_load = true
- # Full error reports are disabled and caching is turned on.
+ # Full error reports are disabled.
config.consider_all_requests_local = false
- config.action_controller.perform_caching = true
-
- # Ensures that a master key has been made available in ENV["RAILS_MASTER_KEY"], config/master.key, or an environment
- # key such as config/credentials/production.key. This key is used to decrypt credentials (and other encrypted files).
- # config.require_master_key = true
-
- # Disable serving static files from `public/`, relying on NGINX/Apache to do so instead.
- # config.public_file_server.enabled = false
- # Compress JavaScripts using a preprocessor.
- config.assets.js_compressor = Terser.new
-
- # Compress CSS using a preprocessor.
- # config.assets.css_compressor = :sass
+ # Turn on fragment caching in view templates.
+ config.action_controller.perform_caching = true
- # Do not fall back to assets pipeline if a precompiled asset is missed.
- config.assets.compile = false
+ # Cache assets for far-future expiry since they are all digest stamped.
+ config.public_file_server.headers = { "cache-control" => "public, max-age=#{1.year.to_i}" }
# Enable serving of images, stylesheets, and JavaScripts from an asset server.
# config.asset_host = "http://assets.example.com"
- # Specifies the header that your server uses for sending files.
- # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
- # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
-
# Store uploaded files on the local file system (see config/storage.yml for options).
config.active_storage.service = :local
- # Mount Action Cable outside main process or domain.
- # config.action_cable.mount_path = nil
- # config.action_cable.url = "wss://example.com/cable"
- # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
-
# Assume all access to the app is happening through a SSL-terminating reverse proxy.
- # Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies.
- # config.assume_ssl = true
+ config.assume_ssl = true
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
- # config.force_ssl = true
+ config.force_ssl = true
# Skip http-to-https redirect for the default health check endpoint.
# config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } }
- # Log to STDOUT by default
- # config.logger = ActiveSupport::Logger.new(STDOUT)
- # .tap { |logger| logger.formatter = ::Logger::Formatter.new }
- # .then { |logger| ActiveSupport::TaggedLogging.new(logger) }
-
- # Prepend all log lines with the following tags.
+ # Log to STDOUT with the current request id as a default log tag.
config.log_tags = [:request_id]
+ config.logger = ActiveSupport::TaggedLogging.logger($stdout)
- # "info" includes generic and useful information about system operation, but avoids logging too much
- # information to avoid inadvertent exposure of personally identifiable information (PII). If you
- # want to log everything, set the level to "debug".
+ # Change to "debug" to log everything (including potentially personally-identifiable information!)
config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info")
- # Use a different log path in production.
- config.paths["log"] = Settings.log_path if Settings.key?(:log_path)
+ # Prevent health checks from clogging up the logs.
+ config.silence_healthcheck_path = "/up"
+
+ # Don't log any deprecations.
+ config.active_support.report_deprecations = false
- # Use a different cache store in production.
+ # Replace the default in-process memory cache store with a durable alternative.
# config.cache_store = :mem_cache_store
- # Use a real queuing backend for Active Job (and separate queues per environment).
+ # Replace the default in-process and non-durable queuing backend for Active Job.
# config.active_job.queue_adapter = :resque
- # config.active_job.queue_name_prefix = "openstreetmap_production"
-
- # Disable caching for Action Mailer templates even if Action Controller
- # caching is enabled.
- config.action_mailer.perform_caching = false
# Configure caching of static assets
config.action_controller.page_cache_directory = Rails.public_path
# Set this to true and configure the email server for immediate delivery to raise delivery errors.
# config.action_mailer.raise_delivery_errors = false
+ # Set host to be used by links generated in mailer templates.
+ config.action_mailer.default_url_options = { :host => "example.com" }
+
+ # Specify outgoing SMTP server. Remember to add smtp/* credentials via rails credentials:edit.
+ # config.action_mailer.smtp_settings = {
+ # user_name: Rails.application.credentials.dig(:smtp, :user_name),
+ # password: Rails.application.credentials.dig(:smtp, :password),
+ # address: "smtp.example.com",
+ # port: 587,
+ # authentication: :plain
+ # }
+
# Enable locale fallbacks for I18n (makes lookups for any locale fall back to
# the I18n.default_locale when a translation cannot be found).
config.i18n.fallbacks = true
- # Don't log any deprecations.
- config.active_support.report_deprecations = false
-
# Do not dump schema after migrations.
config.active_record.dump_schema_after_migration = false unless Settings.status == "database_offline"
+ # Only use :id for inspections in production.
+ config.active_record.attributes_for_inspect = [:id]
+
# Enable DNS rebinding protection and other `Host` header attacks.
# config.hosts = [
# "example.com", # Allow requests from example.com
# /.*\.example\.com/ # Allow requests from subdomains like `www.example.com`
# ]
+ #
# Skip DNS rebinding protection for the default health check endpoint.
# config.host_authorization = { exclude: ->(request) { request.path == "/up" } }
-require "active_support/core_ext/integer/time"
-
# The test environment is used exclusively to run your application's
# test suite. You never need to work with it otherwise. Remember that
# your test database is "scratch space" for the test suite and is wiped
# loading is working properly before deploying your code.
config.eager_load = ENV["CI"].present?
- # Configure public file server for tests with Cache-Control for performance.
- config.public_file_server.headers = { "Cache-Control" => "public, max-age=#{1.hour.to_i}" }
+ # Configure public file server for tests with cache-control for performance.
+ config.public_file_server.headers = { "cache-control" => "public, max-age=3600" }
- # Show full error reports and disable caching.
+ # Show full error reports.
config.consider_all_requests_local = true
- config.action_controller.perform_caching = false
config.cache_store = :null_store
# Render exception templates for rescuable exceptions and raise for other exceptions.
# Disable logging in tests, for speed increases. Set to :info to bring back logging
config.log_level = :warn
- # Disable caching for Action Mailer templates even if Action Controller
- # caching is enabled.
- config.action_mailer.perform_caching = false
-
# Tell Action Mailer not to deliver emails to the real world.
# The :test delivery method accumulates sent emails in the
# ActionMailer::Base.deliveries array.
config.action_mailer.delivery_method = :test
- # Unlike controllers, the mailer instance doesn't have any context about the
- # incoming request so you'll need to provide the :host parameter yourself.
+ # Set host to be used by links generated in mailer templates.
config.action_mailer.default_url_options = { :host => Settings.server_url }
# Print deprecation notices to the stderr.
# Use the test adapter for ActiveJob during testing.
config.active_job.queue_adapter = :test
- # Allow FactoryBot to set primary key attributes
+ # Allow FactoryBot to set primary key attributes.
config.factory_bot.reject_primary_key_attributes = false
+
+ # Disable page caching.
+ config.action_controller.perform_caching = false
end
policy.report_uri(Settings.csp_report_url) if Settings.key?(:csp_report_url)
end
- # Generate session nonces for permitted importmap and inline scripts
+ # Generate session nonces for permitted importmap, inline scripts, and inline styles.
config.content_security_policy_nonce_generator = ->(_request) { SecureRandom.base64(24) }
- config.content_security_policy_nonce_directives = %w[style-src]
+ config.content_security_policy_nonce_directives = %w[script-src style-src]
# Report violations without enforcing the policy.
config.content_security_policy_report_only = true unless Settings.csp_enforce
--- /dev/null
+# Be sure to restart your server when you modify this file.
+#
+# This file eases your Rails 8.0 framework defaults upgrade.
+#
+# Uncomment each configuration one by one to switch to the new default.
+# Once your application is ready to run with all new defaults, you can remove
+# this file and set the `config.load_defaults` to `8.0`.
+#
+# Read the Guide for Upgrading Ruby on Rails for more info on each option.
+# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html
+
+###
+# Specifies whether `to_time` methods preserve the UTC offset of their receivers or preserves the timezone.
+# If set to `:zone`, `to_time` methods will use the timezone of their receivers.
+# If set to `:offset`, `to_time` methods will use the UTC offset.
+# If `false`, `to_time` methods will convert to the local system UTC offset instead.
+#++
+# Rails.application.config.active_support.to_time_preserves_timezone = :zone
+
+###
+# When both `If-Modified-Since` and `If-None-Match` are provided by the client
+# only consider `If-None-Match` as specified by RFC 7232 Section 6.
+# If set to `false` both conditions need to be satisfied.
+#++
+# Rails.application.config.action_dispatch.strict_freshness = true
+
+###
+# Set `Regexp.timeout` to `1`s by default to improve security over Regexp Denial-of-Service attacks.
+#++
+# Regexp.timeout = 1
# This configuration file will be evaluated by Puma. The top-level methods that
# are invoked here are part of Puma's configuration DSL. For more information
# about methods provided by the DSL, see https://puma.io/puma/Puma/DSL.html.
-
+#
# Puma starts a configurable number of processes (workers) and each process
# serves each request in a thread from an internal thread pool.
#
+# You can control the number of workers using ENV["WEB_CONCURRENCY"]. You
+# should only set this value when you want to run 2 or more workers. The
+# default is already 1.
+#
# The ideal number of threads per worker depends both on how much time the
# application spends waiting for IO operations and on how much you wish to
-# to prioritize throughput over latency.
+# prioritize throughput over latency.
#
# As a rule of thumb, increasing the number of threads will increase how much
# traffic a given process can handle (throughput), but due to CRuby's
# Allow puma to be restarted by `bin/rails restart` command.
plugin :tmp_restart
-# Only use a pidfile when requested
+# Run the Solid Queue supervisor inside of Puma for single-server deployments
+plugin :solid_queue if ENV["SOLID_QUEUE_IN_PUMA"]
+
+# Specify the PID file. Defaults to tmp/pids/server.pid in development.
+# In other environments, only set the PID file if requested.
pidfile ENV["PIDFILE"] if ENV["PIDFILE"]
projects / rails.git / commitdiff