Merge pull request #5465 from consuldemocracy/rails7.0

Upgrade to Rails 7.0

.rubocop.yml

@@ -163,6 +163,7 @@ Layout/LineLength:
     - "config/environments/staging.rb"
     - "config/initializers/devise.rb"
     - "config/initializers/backtrace_silencers.rb"
+    - "config/initializers/cookie_rotator.rb"
     - "db/migrate/*create_delayed_jobs.rb"
     - "db/migrate/*create_active_storage_variant_records.active_storage.rb"
     - "app/models/budget/stats.rb"
@@ -374,9 +375,6 @@ Rails/CreateTableWithTimestamps:
 Rails/Date:
   Enabled: true
 
-Rails/DeprecatedActiveModelErrorsMethods: # TODO: Remove after upgrading to Rails 7
-  Enabled: true
-
 Rails/DurationArithmetic:
   Enabled: true
 

Gemfile

@@ -1,6 +1,6 @@
 source "https://rubygems.org"
 
-gem "rails", "6.1.7.7"
+gem "rails", "7.0.8.1"
 
 gem "acts-as-taggable-on", "~> 10.0.0"
 gem "acts_as_votable", "~> 0.14.0"
@@ -46,13 +46,14 @@ gem "recipient_interceptor", "~> 0.3.1"
 gem "redcarpet", "~> 3.6.0"
 gem "responders", "~> 3.1.1"
 gem "rinku", "~> 2.0.6", require: "rails_rinku"
-gem "ros-apartment", "~> 2.11.0", require: "apartment"
+gem "ros-apartment", "~> 2.11.0", require: "apartment" # Remove ConnectionHandling monkey patch when upgrading
 gem "sassc-embedded", "~> 1.70.1"
 gem "sassc-rails", "~> 2.1.2"
 gem "savon", "~> 2.15.0"
 gem "sitemap_generator", "~> 6.3.0"
 gem "social-share-button", "~> 1.2.4"
 gem "sprockets", "~> 4.2.1"
+gem "sprockets-rails", "~> 3.4.2", require: "sprockets/railtie"
 gem "turbolinks", "~> 5.2.1"
 gem "turnout", "~> 2.5.0"
 gem "uglifier", "~> 4.2.0"

Gemfile.lock

@@ -2,65 +2,71 @@ GEM
   remote: https://rubygems.org/
   specs:
     Ascii85 (1.1.0)
-    actioncable (6.1.7.7)
-      actionpack (= 6.1.7.7)
-      activesupport (= 6.1.7.7)
+    actioncable (7.0.8.1)
+      actionpack (= 7.0.8.1)
+      activesupport (= 7.0.8.1)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (6.1.7.7)
-      actionpack (= 6.1.7.7)
-      activejob (= 6.1.7.7)
-      activerecord (= 6.1.7.7)
-      activestorage (= 6.1.7.7)
-      activesupport (= 6.1.7.7)
+    actionmailbox (7.0.8.1)
+      actionpack (= 7.0.8.1)
+      activejob (= 7.0.8.1)
+      activerecord (= 7.0.8.1)
+      activestorage (= 7.0.8.1)
+      activesupport (= 7.0.8.1)
       mail (>= 2.7.1)
-    actionmailer (6.1.7.7)
-      actionpack (= 6.1.7.7)
-      actionview (= 6.1.7.7)
-      activejob (= 6.1.7.7)
-      activesupport (= 6.1.7.7)
+      net-imap
+      net-pop
+      net-smtp
+    actionmailer (7.0.8.1)
+      actionpack (= 7.0.8.1)
+      actionview (= 7.0.8.1)
+      activejob (= 7.0.8.1)
+      activesupport (= 7.0.8.1)
       mail (~> 2.5, >= 2.5.4)
+      net-imap
+      net-pop
+      net-smtp
       rails-dom-testing (~> 2.0)
-    actionpack (6.1.7.7)
-      actionview (= 6.1.7.7)
-      activesupport (= 6.1.7.7)
-      rack (~> 2.0, >= 2.0.9)
+    actionpack (7.0.8.1)
+      actionview (= 7.0.8.1)
+      activesupport (= 7.0.8.1)
+      rack (~> 2.0, >= 2.2.4)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (6.1.7.7)
-      actionpack (= 6.1.7.7)
-      activerecord (= 6.1.7.7)
-      activestorage (= 6.1.7.7)
-      activesupport (= 6.1.7.7)
+    actiontext (7.0.8.1)
+      actionpack (= 7.0.8.1)
+      activerecord (= 7.0.8.1)
+      activestorage (= 7.0.8.1)
+      activesupport (= 7.0.8.1)
+      globalid (>= 0.6.0)
       nokogiri (>= 1.8.5)
-    actionview (6.1.7.7)
-      activesupport (= 6.1.7.7)
+    actionview (7.0.8.1)
+      activesupport (= 7.0.8.1)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (6.1.7.7)
-      activesupport (= 6.1.7.7)
+    activejob (7.0.8.1)
+      activesupport (= 7.0.8.1)
       globalid (>= 0.3.6)
-    activemodel (6.1.7.7)
-      activesupport (= 6.1.7.7)
-    activerecord (6.1.7.7)
-      activemodel (= 6.1.7.7)
-      activesupport (= 6.1.7.7)
-    activestorage (6.1.7.7)
-      actionpack (= 6.1.7.7)
-      activejob (= 6.1.7.7)
-      activerecord (= 6.1.7.7)
-      activesupport (= 6.1.7.7)
+    activemodel (7.0.8.1)
+      activesupport (= 7.0.8.1)
+    activerecord (7.0.8.1)
+      activemodel (= 7.0.8.1)
+      activesupport (= 7.0.8.1)
+    activestorage (7.0.8.1)
+      actionpack (= 7.0.8.1)
+      activejob (= 7.0.8.1)
+      activerecord (= 7.0.8.1)
+      activesupport (= 7.0.8.1)
       marcel (~> 1.0)
       mini_mime (>= 1.1.0)
-    activesupport (6.1.7.7)
+    activesupport (7.0.8.1)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
       tzinfo (~> 2.0)
-      zeitwerk (~> 2.3)
     acts-as-taggable-on (10.0.0)
       activerecord (>= 6.1, < 7.2)
     acts_as_votable (0.14.0)
@@ -91,7 +97,7 @@ GEM
       execjs (~> 2)
     base64 (0.1.1)
     bcrypt (3.1.20)
-    better_html (2.0.2)
+    better_html (2.1.1)
       actionview (>= 6.0)
       activesupport (>= 6.0)
       ast (~> 2.0)
@@ -460,21 +466,20 @@ GEM
       rack
     rack-test (2.1.0)
       rack (>= 1.3)
-    rails (6.1.7.7)
-      actioncable (= 6.1.7.7)
-      actionmailbox (= 6.1.7.7)
-      actionmailer (= 6.1.7.7)
-      actionpack (= 6.1.7.7)
-      actiontext (= 6.1.7.7)
-      actionview (= 6.1.7.7)
-      activejob (= 6.1.7.7)
-      activemodel (= 6.1.7.7)
-      activerecord (= 6.1.7.7)
-      activestorage (= 6.1.7.7)
-      activesupport (= 6.1.7.7)
+    rails (7.0.8.1)
+      actioncable (= 7.0.8.1)
+      actionmailbox (= 7.0.8.1)
+      actionmailer (= 7.0.8.1)
+      actionpack (= 7.0.8.1)
+      actiontext (= 7.0.8.1)
+      actionview (= 7.0.8.1)
+      activejob (= 7.0.8.1)
+      activemodel (= 7.0.8.1)
+      activerecord (= 7.0.8.1)
+      activestorage (= 7.0.8.1)
+      activesupport (= 7.0.8.1)
       bundler (>= 1.15.0)
-      railties (= 6.1.7.7)
-      sprockets-rails (>= 2.0.0)
+      railties (= 7.0.8.1)
     rails-dom-testing (2.2.0)
       activesupport (>= 5.0.0)
       minitest
@@ -482,15 +487,16 @@ GEM
     rails-html-sanitizer (1.6.0)
       loofah (~> 2.21)
       nokogiri (~> 1.14)
-    rails-i18n (6.0.0)
+    rails-i18n (7.0.9)
       i18n (>= 0.7, < 2)
-      railties (>= 6.0.0, < 7)
-    railties (6.1.7.7)
-      actionpack (= 6.1.7.7)
-      activesupport (= 6.1.7.7)
+      railties (>= 6.0.0, < 8)
+    railties (7.0.8.1)
+      actionpack (= 7.0.8.1)
+      activesupport (= 7.0.8.1)
       method_source
       rake (>= 12.2)
       thor (~> 1.0)
+      zeitwerk (~> 2.5)
     rainbow (3.1.1)
     rake (13.1.0)
     rbtree3 (0.7.1)
@@ -752,7 +758,7 @@ DEPENDENCIES
   pronto-rubocop (~> 0.11.5)
   pronto-stylelint (~> 0.10.3)
   puma (~> 5.6.8)
-  rails (= 6.1.7.7)
+  rails (= 7.0.8.1)
   recipient_interceptor (~> 0.3.1)
   redcarpet (~> 3.6.0)
   responders (~> 3.1.1)
@@ -776,6 +782,7 @@ DEPENDENCIES
   social-share-button (~> 1.2.4)
   spring (~> 4.1.3)
   sprockets (~> 4.2.1)
+  sprockets-rails (~> 3.4.2)
   turbolinks (~> 5.2.1)
   turnout (~> 2.5.0)
   uglifier (~> 4.2.0)

app/components/admin/action_component.html.erb

@@ -1,5 +1,5 @@
 <% if button? %>
-  <%= button_to(path, html_options) { text } %>
+  <%= button_to text, path, html_options %>
 <% else %>
   <%= link_to text, path, html_options %>
 <% end %>

app/components/budgets/investments/ballot_component.html.erb

@@ -10,15 +10,14 @@
         </p>
       <% end %>
       <% if investment.should_show_ballots? %>
-        <%= button_to budget_ballot_line_path(id: investment.id,
+        <%= button_to t("budgets.ballots.show.remove"),
+                      budget_ballot_line_path(id: investment.id,
                                               budget_id: investment.budget_id,
                                               investments_ids: investment_ids),
                       class: "button button-remove-support expanded",
                       method: :delete,
                       remote: true,
-                      "aria-label": remove_vote_aria_label do %>
-          <%= t("budgets.ballots.show.remove") %>
-        <% end %>
+                      "aria-label": remove_vote_aria_label %>
       <% end %>
     </div>
   <% else %>
@@ -29,16 +28,15 @@
         </p>
       <% end %>
       <% if investment.should_show_ballots? %>
-        <%= button_to budget_ballot_lines_path(investment_id: investment.id,
+        <%= button_to t("budgets.investments.investment.add"),
+                      budget_ballot_lines_path(investment_id: investment.id,
                                                budget_id: investment.budget_id,
                                                investments_ids: investment_ids),
                       class: "button button-support expanded",
                       title: t("budgets.investments.investment.support_title"),
                       method: :post,
                       remote: true,
-                      "aria-label": vote_aria_label do %>
-          <%= t("budgets.investments.investment.add") %>
-        <% end %>
+                      "aria-label": vote_aria_label %>
       <% end %>
     </div>
   <% end %>

app/components/budgets/investments/votes_component.html.erb

@@ -12,13 +12,12 @@
             <%= t("budgets.investments.votes.already_supported") %>
           </div>
           <% if feature?(:remove_investments_supports) %>
-            <%= button_to remove_support_path,
+            <%= button_to t("budgets.investments.votes.remove_support"),
+                          remove_support_path,
                           class: "button button-remove-support expanded",
                           method: "delete",
                           remote: true,
-                          "aria-label": remove_support_aria_label do %>
-              <%= t("budgets.investments.votes.remove_support") %>
-            <% end %>
+                          "aria-label": remove_support_aria_label %>
           <% end %>
         </div>
       <% else %>

app/components/polls/questions/answers_component.html.erb

@@ -2,23 +2,21 @@
   <% if can?(:answer, question) && !question.poll.voted_in_booth?(current_user) %>
     <% question_answers.each do |question_answer| %>
       <% if already_answered?(question_answer) %>
-        <%= button_to question_answer_path(question, user_answer(question_answer)),
+        <%= button_to question_answer.title,
+                      question_answer_path(question, user_answer(question_answer)),
                       method: :delete,
                       remote: true,
                       title: t("poll_questions.show.voted", answer: question_answer.title),
                       class: "button answered",
-                      "aria-pressed": true do %>
-          <%= question_answer.title %>
-        <% end %>
+                      "aria-pressed": true %>
       <% else %>
-        <%= button_to answer_question_path(question, answer: question_answer.title),
+        <%= button_to question_answer.title,
+                      answer_question_path(question, answer: question_answer.title),
                       remote: true,
                       title: t("poll_questions.show.vote_answer", answer: question_answer.title),
                       class: "button secondary hollow",
                       "aria-pressed": false,
-                      disabled: disable_answer?(question_answer) do %>
-          <%= question_answer.title %>
-        <% end %>
+                      disabled: disable_answer?(question_answer) %>
       <% end %>
     <% end %>
   <% elsif !user_signed_in? %>

app/components/proposals/votes_component.html.erb

@@ -7,14 +7,13 @@
         <%= t("proposals.proposal.already_supported") %>
       </div>
     <% else %>
-      <%= button_to vote_url,
+      <%= button_to t("proposals.proposal.support"),
+                    vote_url,
                     class: "button button-support small expanded",
                     title: t("proposals.proposal.support_title"),
                     method: "post",
                     remote: true,
-                    "aria-label": support_aria_label do %>
-        <%= t("proposals.proposal.support") %>
-      <% end %>
+                    "aria-label": support_aria_label %>
     <% end %>
   </div>
 

app/controllers/notifications_controller.rb

@@ -11,7 +11,7 @@ class NotificationsController < ApplicationController
   def show
     @notification = current_user.notifications.find(params[:id])
     @notification.mark_as_read
-    redirect_to linkable_resource_path(@notification)
+    redirect_to linkable_resource_path(@notification), allow_other_host: true
   end
 
   def read

app/models/concerns/skip_validation.rb

@@ -12,8 +12,8 @@ module SkipValidation
       _validators[field].reject! { |existing_validator| existing_validator.is_a?(validator_class) }
 
       _validate_callbacks.each do |callback|
-        if callback.raw_filter.is_a?(validator_class)
-          callback.raw_filter.instance_variable_set(:@attributes, callback.raw_filter.attributes - [field])
+        if callback.filter.is_a?(validator_class)
+          callback.filter.instance_variable_set(:@attributes, callback.filter.attributes - [field])
         end
       end
     end

config/application.rb

@@ -13,7 +13,6 @@ require "action_mailer/railtie"
 # require "action_text/engine"
 require "action_view/railtie"
 require "action_cable/engine"
-require "sprockets/railtie"
 require "rails/test_unit/railtie"
 
 # Require the gems listed in Gemfile, including any gems
@@ -22,16 +21,12 @@ Bundler.require(*Rails.groups)
 
 module Consul
   class Application < Rails::Application
-    config.load_defaults 6.1
+    config.load_defaults 7.0
 
     # Keep belongs_to fields optional by default, because that's the way
     # Rails 4 models worked
     config.active_record.belongs_to_required_by_default = false
 
-    # Keep using AES-256-CBC for message encryption in case it's used
-    # in any CONSUL DEMOCRACY installations
-    config.active_support.use_authenticated_message_encryption = false
-
     # Don't enable has_many_inversing because it doesn't seem to currently
     # work with the _count database columns we use for caching purposes
     config.active_record.has_many_inversing = false
@@ -39,6 +34,15 @@ module Consul
     # Disable Sprockets AssetUrlProcessor for CKEditor compatibility
     config.assets.resolve_assets_in_css_urls = false
 
+    # Keep adding media="screen" attribute to stylesheets, just like
+    # Rails 4, 5 and 6 did, until we change the print stylesheet so it
+    # works when loading all the styles
+    config.action_view.apply_stylesheet_media_default = true
+
+    # Keep using ImageMagick instead of libvips for image processing in
+    # order to make upgrades easier.
+    config.active_storage.variant_processor = :mini_magick
+
     # Keep reading existing data in the legislation_annotations ranges column
     config.active_record.yaml_column_permitted_classes = [ActiveSupport::HashWithIndifferentAccess, Symbol]
 

config/environments/development.rb

@@ -15,9 +15,12 @@ Rails.application.configure do
   # Show full error reports.
   config.consider_all_requests_local = true
 
+  # Enable server timing
+  config.server_timing = true
+
   # Enable/disable caching. By default caching is disabled.
   # Run rails dev:cache to toggle caching.
-  if Rails.root.join("tmp", "caching-dev.txt").exist?
+  if Rails.root.join("tmp/caching-dev.txt").exist?
     config.action_controller.perform_caching = true
     config.action_controller.enable_fragment_cache_logging = true
 
@@ -58,11 +61,6 @@ Rails.application.configure do
   # Highlight code that triggered database queries in logs.
   config.active_record.verbose_query_logs = true
 
-  # Debug mode disables concatenation and preprocessing of assets.
-  # This option may cause significant delays in view rendering with a large
-  # number of complex assets.
-  config.assets.debug = false
-
   # Suppress logger output for asset requests.
   config.assets.quiet = true
 
@@ -89,9 +87,6 @@ Rails.application.configure do
       Bullet.add_footer = true
     end
   end
-  # Use an evented file watcher to asynchronously detect changes in source code,
-  # routes, locales, etc. This feature depends on the listen gem.
-  # config.file_watcher = ActiveSupport::EventedFileUpdateChecker
 
   # Uncomment if you wish to allow Action Cable access from any origin.
   # config.action_cable.disable_request_forgery_protection = true

config/environments/production.rb

@@ -74,18 +74,13 @@ Rails.application.configure do
     config.action_mailer.smtp_settings = Rails.application.secrets.smtp_settings
   end
 
-  # Disable locale fallbacks for I18n
-  # (prevents using fallback locales set in application.rb).
-  # config.i18n.fallbacks = false
+  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+  # the I18n.default_locale when a translation cannot be found).
+  # (commented because it prevents using fallback locales set in application.rb).
+  # config.i18n.fallbacks = true
 
-  # Send deprecation notices to registered listeners.
-  config.active_support.deprecation = :notify
-
-  # Log disallowed deprecations.
-  config.active_support.disallowed_deprecation = :log
-
-  # Tell Active Support which deprecation messages to disallow.
-  config.active_support.disallowed_deprecation_warnings = []
+  # Don't log any deprecations.
+  config.active_support.report_deprecations = false
 
   # Use default logging formatter so that PID and timestamp are not suppressed.
   config.log_formatter = ::Logger::Formatter.new
@@ -107,27 +102,6 @@ Rails.application.configure do
 
   # Do not dump schema after migrations.
   config.active_record.dump_schema_after_migration = false
-
-  # Inserts middleware to perform automatic connection switching.
-  # The `database_selector` hash is used to pass options to the DatabaseSelector
-  # middleware. The `delay` is used to determine how long to wait after a write
-  # to send a subsequent read to the primary.
-  #
-  # The `database_resolver` class is used by the middleware to determine which
-  # database is appropriate to use based on the time delay.
-  #
-  # The `database_resolver_context` class is used by the middleware to set
-  # timestamps for the last write to the primary. The resolver uses the context
-  # class timestamps to determine how long to wait before reading from the
-  # replica.
-  #
-  # By default Rails will store a last write timestamp in the session. The
-  # DatabaseSelector middleware is designed as such you can define your own
-  # strategy for connection switching and pass that into the middleware through
-  # these configuration options.
-  # config.active_record.database_selector = { delay: 2.seconds }
-  # config.active_record.database_resolver = ActiveRecord::Middleware::DatabaseSelector::Resolver
-  # config.active_record.database_resolver_context = ActiveRecord::Middleware::DatabaseSelector::Resolver::Session
 end
 
 require Rails.root.join("config", "environments", "custom", "production")

config/environments/test.rb

@@ -15,11 +15,12 @@ Rails.application.configure do
   config.i18n.default_locale = :en
   config.i18n.available_locales = %w[de en es fr nl pt-BR zh-CN]
 
+  # Turn false under Spring and add config.action_view.cache_template_loading = true.
   config.cache_classes = true
 
-  # Do not eager load code on boot. This avoids loading your whole application
-  # just for the purpose of running a single test. If you are using a tool that
-  # preloads Rails for running tests, you may have to set it to true.
+  # Eager loading loads your whole application. When running a single test locally,
+  # this probably isn't necessary. It's a good idea to do in a continuous integration
+  # system, or in some way before deploying your code.
   config.eager_load = ENV["CI"].present?
 
   # Configure public file server for tests with Cache-Control for performance.

config/initializers/01_filter_parameter_logging.rb

@@ -1,6 +1,8 @@
 # Be sure to restart your server when you modify this file.
 
-# Configure sensitive parameters which will be filtered from the log file.
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
 Rails.application.config.filter_parameters += [
   :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
 ]

config/initializers/apartment.rb

@@ -1,3 +1,20 @@
+module ActiveRecord # TODO: Remove after upgrading ros-apartment
+  # Code based on the current (as of March 2024) development version of the apartment gem
+  module ConnectionHandling
+    def connected_to_with_rails7_tenant(role: nil, prevent_writes: false, &blk)
+      current_tenant = Apartment::Tenant.current
+
+      # The connected_to_without_tenant method is defined by Apartment
+      connected_to_without_tenant(role: role, prevent_writes: prevent_writes) do
+        Apartment::Tenant.switch!(current_tenant)
+        yield(blk)
+      end
+    end
+
+    alias connected_to connected_to_with_rails7_tenant
+  end
+end
+
 # You can have Apartment route to the appropriate Tenant by adding some Rack middleware.
 # Apartment can support many different "Elevators" that can take care of this routing to your data.
 # Require whichever Elevator you're using below or none if you have a custom one.

config/initializers/content_security_policy.rb

@@ -1,28 +1,25 @@
 # Be sure to restart your server when you modify this file.
 
-# Define an application-wide content security policy
-# For further information see the following documentation
-# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
+# Define an application-wide content security policy.
+# See the Securing Rails Applications Guide for more information:
+# https://guides.rubyonrails.org/security.html#content-security-policy-header
 
-# Rails.application.config.content_security_policy do |policy|
-#   policy.default_src :self, :https
-#   policy.font_src    :self, :https, :data
-#   policy.img_src     :self, :https, :data
-#   policy.object_src  :none
-#   policy.script_src  :self, :https
-#   policy.style_src   :self, :https
-
-#   # Specify URI for violation reports
-#   # policy.report_uri "/csp-violation-report-endpoint"
+# Rails.application.configure do
+#   config.content_security_policy do |policy|
+#     policy.default_src :self, :https
+#     policy.font_src    :self, :https, :data
+#     policy.img_src     :self, :https, :data
+#     policy.object_src  :none
+#     policy.script_src  :self, :https
+#     policy.style_src   :self, :https
+#     # Specify URI for violation reports
+#     # policy.report_uri "/csp-violation-report-endpoint"
+#   end
+#
+#   # Generate session nonces for permitted importmap and inline scripts
+#   config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
+#   config.content_security_policy_nonce_directives = %w(script-src)
+#
+#   # Report violations without enforcing the policy.
+#   # config.content_security_policy_report_only = true
 # end
-
-# If you are using UJS then enable automatic nonce generation
-# Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) }
-
-# Set the nonce only to specific directives
-# Rails.application.config.content_security_policy_nonce_directives = %w(script-src)
-
-# Report CSP violations to a specified URI
-# For further information see the following documentation:
-# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only
-# Rails.application.config.content_security_policy_report_only = true

config/initializers/cookie_rotator.rb

@@ -0,0 +1,23 @@
+# This code was copied from:
+# https://guides.rubyonrails.org/v7.0/upgrading_ruby_on_rails.html#key-generator-digest-class-changing-to-use-sha256
+# TODO: safe to remove after upgrading to Rails 7.1 or releasing a new
+# version of Consul Democracy
+Rails.application.config.after_initialize do
+  Rails.application.config.action_dispatch.cookies_rotations.tap do |cookies|
+    authenticated_encrypted_cookie_salt = Rails.application.config.action_dispatch.authenticated_encrypted_cookie_salt
+    signed_cookie_salt = Rails.application.config.action_dispatch.signed_cookie_salt
+
+    secret_key_base = Rails.application.secret_key_base
+
+    key_generator = ActiveSupport::KeyGenerator.new(
+      secret_key_base, iterations: 1000, hash_digest_class: OpenSSL::Digest::SHA1
+    )
+    key_len = ActiveSupport::MessageEncryptor.key_len
+
+    old_encrypted_secret = key_generator.generate_key(authenticated_encrypted_cookie_salt, key_len)
+    old_signed_secret = key_generator.generate_key(signed_cookie_salt)
+
+    cookies.rotate :encrypted, old_encrypted_secret
+    cookies.rotate :signed, old_signed_secret
+  end
+end

config/initializers/cookies_serializer.rb

@@ -1,5 +0,0 @@
-# Be sure to restart your server when you modify this file.
-
-# Specify a serializer for the signed and encrypted cookie jars.
-# Valid options are :json, :marshal, and :hybrid.
-Rails.application.config.action_dispatch.cookies_serializer = :json

config/initializers/inflections.rb

@@ -4,15 +4,15 @@
 # are locale specific, and you may define rules for as many different
 # locales as you wish. All of these examples are active by default:
 # ActiveSupport::Inflector.inflections(:en) do |inflect|
-#   inflect.plural /^(ox)$/i, '\1en'
-#   inflect.singular /^(ox)en/i, '\1'
-#   inflect.irregular 'person', 'people'
+#   inflect.plural /^(ox)$/i, "\\1en"
+#   inflect.singular /^(ox)en/i, "\\1"
+#   inflect.irregular "person", "people"
 #   inflect.uncountable %w( fish sheep )
 # end
 
 # These inflection rules are supported but not enabled by default:
 # ActiveSupport::Inflector.inflections(:en) do |inflect|
-#   inflect.acronym 'RESTful'
+#   inflect.acronym "RESTful"
 # end
 
 ActiveSupport::Inflector.inflections(:en) do |inflect|

config/initializers/wrap_parameters.rb

@@ -1,14 +0,0 @@
-# Be sure to restart your server when you modify this file.
-
-# This file contains settings for ActionController::ParamsWrapper which
-# is enabled by default.
-
-# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
-ActiveSupport.on_load(:action_controller) do
-  wrap_parameters format: [:json]
-end
-
-# To enable root element in JSON for ActiveRecord objects.
-# ActiveSupport.on_load(:active_record) do
-#   self.include_root_in_json = true
-# end

db/migrate/20240322223950_remove_not_null_on_active_storage_blobs_checksum.active_storage.rb

@@ -0,0 +1,8 @@
+# This migration comes from active_storage (originally 20211119233751)
+class RemoveNotNullOnActiveStorageBlobsChecksum < ActiveRecord::Migration[6.0]
+  def change
+    return unless table_exists?(:active_storage_blobs)
+
+    change_column_null(:active_storage_blobs, :checksum, true)
+  end
+end

spec/controllers/remote_translations_controller_spec.rb

@@ -11,7 +11,7 @@ describe RemoteTranslationsController, :remote_translations do
     end
 
     before do
-      request.env["HTTP_REFERER"] = "any_path"
+      request.env["HTTP_REFERER"] = "/any_path"
     end
 
     it "create correctly remote translation" do
@@ -39,7 +39,7 @@ describe RemoteTranslationsController, :remote_translations do
     it "redirect_to request referer after create" do
       post :create, params: { remote_translations: remote_translations_params }
 
-      expect(subject).to redirect_to("any_path")
+      expect(subject).to redirect_to "/any_path"
     end
   end
 end

spec/models/sdg/phase_spec.rb

@@ -38,7 +38,7 @@ describe SDG::Phase do
     end
 
     it "raises an exception for non-existing kinds" do
-      expect { SDG::Phase["improvement"] }.to raise_exception ActiveRecord::StatementInvalid
+      expect { SDG::Phase["improvement"] }.to raise_exception ActiveRecord::RecordNotFound
     end
   end
 end

spec/system/site_customization/images_spec.rb

@@ -6,7 +6,7 @@ describe "Site customization images" do
 
     visit root_path
 
-    expect(page).to have_css("link[rel='shortcut icon'][href$='favicon_custom.ico']", visible: :hidden)
+    expect(page).to have_css("link[rel='icon'][href$='favicon_custom.ico']", visible: :hidden)
   end
 
   scenario "Custom auth background" do