diff --git a/apps/myjobs/Gemfile b/apps/myjobs/Gemfile index d82d86f513..dcab0e733f 100644 --- a/apps/myjobs/Gemfile +++ b/apps/myjobs/Gemfile @@ -2,11 +2,11 @@ source 'https://rubygems.org' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem 'rails', '5.2.7.1' +gem 'rails', '6.0.5' # Use sqlite3 as the database for Active Record # Note that the version has been fixed due to an incompatibilty # https://github.com/rails/rails/issues/35153 -gem 'sqlite3', '1.3.13' +gem 'sqlite3', '1.4.2' # Use SCSS for stylesheets gem 'sass-rails', '~> 5.0' # Use Uglifier as compressor for JavaScript assets @@ -60,13 +60,9 @@ gem "local_time", "~> 1.0.3" gem 'dotenv-rails', '~> 2.1' gem 'jquery-datatables-rails', '~> 3.4' gem "js-routes", "~> 1.2.4" -gem 'osc_machete_rails', '~> 1.3.0' +gem 'osc_machete_rails', '~> 2.1.2' gem 'pbs', '~> 2.2.1' -gem 'ood_appkit', '~> 1.1.4' - -# thor > 0.19.1 prints some warnings to stderr which will require changes -# https://github.com/erikhuda/thor/issues/538 -gem 'thor', '0.19.1' +gem 'ood_appkit', '~> 2.0' # we have to lock rdoc because 6.4 depends on psych 4.0 which breaks with # Psych::BadAlias: Cannot load database configuration: Unknown alias: default diff --git a/apps/myjobs/Gemfile.lock b/apps/myjobs/Gemfile.lock index 7da2edd30e..e66dd2619c 100644 --- a/apps/myjobs/Gemfile.lock +++ b/apps/myjobs/Gemfile.lock @@ -1,50 +1,63 @@ GEM remote: https://rubygems.org/ specs: - actioncable (5.2.7.1) - actionpack (= 5.2.7.1) + actioncable (6.0.5) + actionpack (= 6.0.5) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailer (5.2.7.1) - actionpack (= 5.2.7.1) - actionview (= 5.2.7.1) - activejob (= 5.2.7.1) + actionmailbox (6.0.5) + actionpack (= 6.0.5) + activejob (= 6.0.5) + activerecord (= 6.0.5) + activestorage (= 6.0.5) + activesupport (= 6.0.5) + mail (>= 2.7.1) + actionmailer (6.0.5) + actionpack (= 6.0.5) + actionview (= 6.0.5) + activejob (= 6.0.5) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (5.2.7.1) - actionview (= 5.2.7.1) - activesupport (= 5.2.7.1) + actionpack (6.0.5) + actionview (= 6.0.5) + activesupport (= 6.0.5) rack (~> 2.0, >= 2.0.8) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (5.2.7.1) - activesupport (= 5.2.7.1) + rails-html-sanitizer (~> 1.0, >= 1.2.0) + actiontext (6.0.5) + actionpack (= 6.0.5) + activerecord (= 6.0.5) + activestorage (= 6.0.5) + activesupport (= 6.0.5) + nokogiri (>= 1.8.5) + actionview (6.0.5) + activesupport (= 6.0.5) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.0.3) - activejob (5.2.7.1) - activesupport (= 5.2.7.1) + rails-html-sanitizer (~> 1.1, >= 1.2.0) + activejob (6.0.5) + activesupport (= 6.0.5) globalid (>= 0.3.6) - activemodel (5.2.7.1) - activesupport (= 5.2.7.1) - activerecord (5.2.7.1) - activemodel (= 5.2.7.1) - activesupport (= 5.2.7.1) - arel (>= 9.0) - activestorage (5.2.7.1) - actionpack (= 5.2.7.1) - activerecord (= 5.2.7.1) - marcel (~> 1.0.0) - activesupport (5.2.7.1) + activemodel (6.0.5) + activesupport (= 6.0.5) + activerecord (6.0.5) + activemodel (= 6.0.5) + activesupport (= 6.0.5) + activestorage (6.0.5) + actionpack (= 6.0.5) + activejob (= 6.0.5) + activerecord (= 6.0.5) + marcel (~> 1.0) + activesupport (6.0.5) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) tzinfo (~> 1.1) + zeitwerk (~> 2.2, >= 2.2.2) addressable (2.8.0) public_suffix (>= 2.0.2, < 5.0) - arel (9.0.0) autoprefixer-rails (8.6.5) execjs bootstrap-sass (3.4.1) @@ -98,7 +111,7 @@ GEM activesupport (>= 4) railties (>= 4) request_store (~> 1.0) - loofah (2.17.0) + loofah (2.18.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) mail (2.7.1) @@ -114,22 +127,22 @@ GEM nokogiri (1.13.6) mini_portile2 (~> 2.8.0) racc (~> 1.4) - ood_appkit (1.1.5) + ood_appkit (2.1.0) addressable (~> 2.4) lograge (~> 0.3) ood_core (~> 0.1) - rails (> 4.0.7, < 6.0) + rails (>= 6.0.0, < 7) redcarpet (~> 3.2) ood_core (0.19.0) ffi (~> 1.9, >= 1.9.6) ood_support (~> 0.0.2) ood_support (0.0.3) - osc-machete (1.2.2) + osc-machete (2.0.0) mustache pbs (~> 2.0) - osc_machete_rails (1.3.1) - osc-machete (~> 1.2.0) - rails (~> 5.0, >= 5.0.0) + osc_machete_rails (2.1.2) + osc-machete (~> 2.0) + rails (>= 5.0.0) pbs (2.2.1) ffi (~> 1.9, >= 1.9.6) public_suffix (4.0.7) @@ -137,18 +150,20 @@ GEM rack (2.2.3) rack-test (1.1.0) rack (>= 1.0, < 3) - rails (5.2.7.1) - actioncable (= 5.2.7.1) - actionmailer (= 5.2.7.1) - actionpack (= 5.2.7.1) - actionview (= 5.2.7.1) - activejob (= 5.2.7.1) - activemodel (= 5.2.7.1) - activerecord (= 5.2.7.1) - activestorage (= 5.2.7.1) - activesupport (= 5.2.7.1) + rails (6.0.5) + actioncable (= 6.0.5) + actionmailbox (= 6.0.5) + actionmailer (= 6.0.5) + actionpack (= 6.0.5) + actiontext (= 6.0.5) + actionview (= 6.0.5) + activejob (= 6.0.5) + activemodel (= 6.0.5) + activerecord (= 6.0.5) + activestorage (= 6.0.5) + activesupport (= 6.0.5) bundler (>= 1.3.0) - railties (= 5.2.7.1) + railties (= 6.0.5) sprockets-rails (>= 2.0.0) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) @@ -159,12 +174,12 @@ GEM nokogiri (>= 1.6) rails-html-sanitizer (1.4.2) loofah (~> 2.3) - railties (5.2.7.1) - actionpack (= 5.2.7.1) - activesupport (= 5.2.7.1) + railties (6.0.5) + actionpack (= 6.0.5) + activesupport (= 6.0.5) method_source rake (>= 0.8.7) - thor (>= 0.19.0, < 2.0) + thor (>= 0.20.3, < 2.0) rake (13.0.6) rb-fsevent (0.11.1) rb-inotify (0.10.1) @@ -186,7 +201,7 @@ GEM tilt (>= 1.1, < 3) sassc (2.4.0) ffi (~> 1.9) - sdoc (2.3.2) + sdoc (2.4.0) rdoc (>= 5.0) sprockets (3.7.2) concurrent-ruby (~> 1.0) @@ -195,8 +210,8 @@ GEM actionpack (>= 5.2) activesupport (>= 5.2) sprockets (>= 3.0.0) - sqlite3 (1.3.13) - thor (0.19.1) + sqlite3 (1.4.2) + thor (1.2.1) thread_safe (0.3.6) tilt (2.0.10) timecop (0.9.5) @@ -207,6 +222,7 @@ GEM websocket-driver (0.7.5) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) + zeitwerk (2.5.4) PLATFORMS ruby @@ -226,16 +242,15 @@ DEPENDENCIES js-routes (~> 1.2.4) local_time (~> 1.0.3) mocha (~> 1.1) - ood_appkit (~> 1.1.4) - osc_machete_rails (~> 1.3.0) + ood_appkit (~> 2.0) + osc_machete_rails (~> 2.1.2) pbs (~> 2.2.1) - rails (= 5.2.7.1) + rails (= 6.0.5) rails-controller-testing rdoc (= 6.3.3) sass-rails (~> 5.0) sdoc - sqlite3 (= 1.3.13) - thor (= 0.19.1) + sqlite3 (= 1.4.2) timecop (~> 0.9) uglifier (>= 1.3.0) diff --git a/apps/myjobs/app/assets/javascripts/workflows.js.coffee b/apps/myjobs/app/assets/javascripts/workflows.js.coffee index 0ca6061f75..4896ab747a 100644 --- a/apps/myjobs/app/assets/javascripts/workflows.js.coffee +++ b/apps/myjobs/app/assets/javascripts/workflows.js.coffee @@ -20,7 +20,7 @@ $(window).focus -> if id? $.ajax type: 'GET' - url: Routes.workflow_path(id) + url: Routes.workflow_path(id, format: 'json') contentType: "application/json; charset=utf-8" dataType: "json" error: (jqXHR, textStatus, errorThrown) -> diff --git a/apps/myjobs/config/application.rb b/apps/myjobs/config/application.rb index 7a89c1dba9..b2e39809f2 100644 --- a/apps/myjobs/config/application.rb +++ b/apps/myjobs/config/application.rb @@ -1,10 +1,19 @@ require_relative 'boot' -require 'active_record/railtie' -require 'action_controller/railtie' -require 'action_view/railtie' -require 'rails/test_unit/railtie' -require 'sprockets/railtie' +require "rails" +# Pick the frameworks you want: +require "active_model/railtie" +# require "active_job/railtie" +require "active_record/railtie" +# require "active_storage/engine" +require "action_controller/railtie" +# require "action_mailer/railtie" +# require "action_mailbox/engine" +# require "action_text/engine" +require "action_view/railtie" +# require "action_cable/engine" +require "sprockets/railtie" +require "rails/test_unit/railtie" # Require the gems listed in Gemfile, including any gems diff --git a/apps/myjobs/config/environments/development.rb b/apps/myjobs/config/environments/development.rb index 000981f79a..6b2685972c 100644 --- a/apps/myjobs/config/environments/development.rb +++ b/apps/myjobs/config/environments/development.rb @@ -6,18 +6,17 @@ # since you don't have to restart the web server when you make code changes. config.cache_classes = false - # Eager load code on boot, necessary for - # OscMacheteRails::update_status_of_all_active_jobs_on_each_request + # Do not eager load code on boot. config.eager_load = false - # Show full error reports and disable caching. - config.consider_all_requests_local = true - config.action_controller.perform_caching = false + # Show full error reports. + config.consider_all_requests_local = true # Enable/disable caching. By default caching is disabled. # Run rails dev:cache to toggle caching. if Rails.root.join('tmp', 'caching-dev.txt').exist? config.action_controller.perform_caching = true + config.action_controller.enable_fragment_cache_logging = true config.cache_store = :memory_store config.public_file_server.headers = { @@ -29,14 +28,6 @@ config.cache_store = :null_store end - # Store uploaded files on the local file system (see config/storage.yml for options) - # config.active_storage.service = :local - - # Don't care if the mailer can't send. - # config.action_mailer.raise_delivery_errors = false - - # config.action_mailer.perform_caching = false - # Print deprecation notices to the Rails logger. config.active_support.deprecation = :log @@ -54,10 +45,12 @@ # Suppress logger output for asset requests. config.assets.quiet = true - # Raises error for missing translations + # Raises error for missing translations. # config.action_view.raise_on_missing_translations = true # Use an evented file watcher to asynchronously detect changes in source code, # routes, locales, etc. This feature depends on the listen gem. # config.file_watcher = ActiveSupport::EventedFileUpdateChecker + + config.hosts = nil end diff --git a/apps/myjobs/config/environments/production.rb b/apps/myjobs/config/environments/production.rb index 4f0a7eff25..4f9715f182 100644 --- a/apps/myjobs/config/environments/production.rb +++ b/apps/myjobs/config/environments/production.rb @@ -24,13 +24,12 @@ # Compress JavaScripts and CSS. config.assets.js_compressor = Uglifier.new(harmony: true) + # Compress CSS using a preprocessor. # config.assets.css_compressor = :sass # Do not fallback to assets pipeline if a precompiled asset is missed. config.assets.compile = false - # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb - # Enable serving of images, stylesheets, and JavaScripts from an asset server. # config.action_controller.asset_host = 'http://assets.example.com' @@ -38,15 +37,6 @@ # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX - # Store uploaded files on the local file system (see config/storage.yml for options) - # we don't use or depend on active_storage so we can't enable the config - # config.active_storage.service = :local - - # Mount Action Cable outside main process or domain - # config.action_cable.mount_path = nil - # config.action_cable.url = 'wss://example.com/cable' - # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ] - # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. # config.force_ssl = true @@ -55,21 +45,14 @@ config.log_level = :debug # Prepend all log lines with the following tags. - # config.log_tags = [ :subdomain, :uuid ] + config.log_tags = [ :request_id ] # Use a different cache store in production. # config.cache_store = :mem_cache_store - # Use a real queuing backend for Active Job (and separate queues per environment) + # Use a real queuing backend for Active Job (and separate queues per environment). # config.active_job.queue_adapter = :resque - # config.active_job.queue_name_prefix = "job_constructor_#{Rails.env}" - - # we don't use or depend on action_mailer so we can't enable these configs - # config.action_mailer.perform_caching = false - - # Ignore bad email addresses and do not raise email delivery errors. - # Set this to true and configure the email server for immediate delivery to raise delivery errors. - # config.action_mailer.raise_delivery_errors = false + # config.active_job.queue_name_prefix = "job_constructor_production" # Enable locale fallbacks for I18n (makes lookups for any locale fall back to # the I18n.default_locale when a translation cannot be found). diff --git a/apps/myjobs/config/environments/test.rb b/apps/myjobs/config/environments/test.rb index 565bc00380..b4cc5ef532 100644 --- a/apps/myjobs/config/environments/test.rb +++ b/apps/myjobs/config/environments/test.rb @@ -1,10 +1,11 @@ +# The test environment is used exclusively to run your application's +# test suite. You never need to work with it otherwise. Remember that +# your test database is "scratch space" for the test suite and is wiped +# and recreated between test runs. Don't rely on the data there! + Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - # The test environment is used exclusively to run your application's - # test suite. You never need to work with it otherwise. Remember that - # your test database is "scratch space" for the test suite and is wiped - # and recreated between test runs. Don't rely on the data there! config.cache_classes = true # Do not eager load code on boot. This avoids loading your whole application @@ -21,6 +22,7 @@ # Show full error reports and disable caching. config.consider_all_requests_local = true config.action_controller.perform_caching = false + config.cache_store = :null_store # Raise exceptions instead of rendering exception templates. config.action_dispatch.show_exceptions = false @@ -28,22 +30,12 @@ # Disable request forgery protection in test environment. config.action_controller.allow_forgery_protection = false - # Store uploaded files on the local file system in a temporary directory - # config.active_storage.service = :test - - # config.action_mailer.perform_caching = false - - # Tell Action Mailer not to deliver emails to the real world. - # The :test delivery method accumulates sent emails in the - # ActionMailer::Base.deliveries array. - # config.action_mailer.delivery_method = :test - # Randomize the order test cases are executed. config.active_support.test_order = :random # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr - # Raises error for missing translations + # Raises error for missing translations. # config.action_view.raise_on_missing_translations = true end diff --git a/apps/myjobs/config/initializers/content_security_policy.rb b/apps/myjobs/config/initializers/content_security_policy.rb index d3bcaa5ec8..35d0f26fcd 100644 --- a/apps/myjobs/config/initializers/content_security_policy.rb +++ b/apps/myjobs/config/initializers/content_security_policy.rb @@ -11,6 +11,8 @@ # policy.object_src :none # policy.script_src :self, :https # policy.style_src :self, :https +# # If you are using webpack-dev-server then specify webpack-dev-server host +# policy.connect_src :self, :https, "http://localhost:3035", "ws://localhost:3035" if Rails.env.development? # # Specify URI for violation reports # # policy.report_uri "/csp-violation-report-endpoint" @@ -19,6 +21,9 @@ # If you are using UJS then enable automatic nonce generation # Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) } +# Set the nonce only to specific directives +# Rails.application.config.content_security_policy_nonce_directives = %w(script-src) + # Report CSP violations to a specified URI # For further information see the following documentation: # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only diff --git a/apps/myjobs/config/initializers/new_framework_defaults_5_2.rb b/apps/myjobs/config/initializers/new_framework_defaults_5_2.rb deleted file mode 100644 index 5132a0b1ab..0000000000 --- a/apps/myjobs/config/initializers/new_framework_defaults_5_2.rb +++ /dev/null @@ -1,38 +0,0 @@ -# Be sure to restart your server when you modify this file. -# -# This file contains migration options to ease your Rails 5.2 upgrade. -# -# Once upgraded flip defaults one by one to migrate to the new default. -# -# Read the Guide for Upgrading Ruby on Rails for more info on each option. - -# Make Active Record use stable #cache_key alongside new #cache_version method. -# This is needed for recyclable cache keys. -# Rails.application.config.active_record.cache_versioning = true - -# Use AES-256-GCM authenticated encryption for encrypted cookies. -# Also, embed cookie expiry in signed or encrypted cookies for increased security. -# -# This option is not backwards compatible with earlier Rails versions. -# It's best enabled when your entire app is migrated and stable on 5.2. -# -# Existing cookies will be converted on read then written with the new scheme. -# Rails.application.config.action_dispatch.use_authenticated_cookie_encryption = true - -# Use AES-256-GCM authenticated encryption as default cipher for encrypting messages -# instead of AES-256-CBC, when use_authenticated_message_encryption is set to true. -# Rails.application.config.active_support.use_authenticated_message_encryption = true - -# Add default protection from forgery to ActionController::Base instead of in -# ApplicationController. -# Rails.application.config.action_controller.default_protect_from_forgery = true - -# Store boolean values are in sqlite3 databases as 1 and 0 instead of 't' and -# 'f' after migrating old data. -Rails.application.config.active_record.sqlite3.represent_boolean_as_integer = true - -# Use SHA-1 instead of MD5 to generate non-sensitive digests, such as the ETag header. -# Rails.application.config.active_support.use_sha1_digests = true - -# Make `form_with` generate id attributes for any generated HTML tags. -# Rails.application.config.action_view.form_with_generates_ids = true diff --git a/apps/myjobs/config/initializers/new_framework_defaults_6_0.rb b/apps/myjobs/config/initializers/new_framework_defaults_6_0.rb new file mode 100644 index 0000000000..92240ef5f5 --- /dev/null +++ b/apps/myjobs/config/initializers/new_framework_defaults_6_0.rb @@ -0,0 +1,45 @@ +# Be sure to restart your server when you modify this file. +# +# This file contains migration options to ease your Rails 6.0 upgrade. +# +# Once upgraded flip defaults one by one to migrate to the new default. +# +# Read the Guide for Upgrading Ruby on Rails for more info on each option. + +# Don't force requests from old versions of IE to be UTF-8 encoded. +# Rails.application.config.action_view.default_enforce_utf8 = false + +# Embed purpose and expiry metadata inside signed and encrypted +# cookies for increased security. +# +# This option is not backwards compatible with earlier Rails versions. +# It's best enabled when your entire app is migrated and stable on 6.0. +# Rails.application.config.action_dispatch.use_cookies_with_metadata = true + +# Change the return value of `ActionDispatch::Response#content_type` to Content-Type header without modification. +# Rails.application.config.action_dispatch.return_only_media_type_on_content_type = false + +# Return false instead of self when enqueuing is aborted from a callback. +# Rails.application.config.active_job.return_false_on_aborted_enqueue = true + +# Send Active Storage analysis and purge jobs to dedicated queues. +# Rails.application.config.active_storage.queues.analysis = :active_storage_analysis +# Rails.application.config.active_storage.queues.purge = :active_storage_purge + +# When assigning to a collection of attachments declared via `has_many_attached`, replace existing +# attachments instead of appending. Use #attach to add new attachments without replacing existing ones. +# Rails.application.config.active_storage.replace_on_assign_to_many = true + +# Use ActionMailer::MailDeliveryJob for sending parameterized and normal mail. +# +# The default delivery jobs (ActionMailer::Parameterized::DeliveryJob, ActionMailer::DeliveryJob), +# will be removed in Rails 6.1. This setting is not backwards compatible with earlier Rails versions. +# If you send mail in the background, job workers need to have a copy of +# MailDeliveryJob to ensure all delivery jobs are processed properly. +# Make sure your entire app is migrated and stable on 6.0 before using this setting. +# Rails.application.config.action_mailer.delivery_job = "ActionMailer::MailDeliveryJob" + +# Enable the same cache key to be reused when the object being cached of type +# `ActiveRecord::Relation` changes by moving the volatile information (max updated at and count) +# of the relation's cache key into the cache version to support recycling cache key. +# Rails.application.config.active_record.collection_cache_versioning = true diff --git a/apps/myjobs/config/locales/en.yml b/apps/myjobs/config/locales/en.yml index e4c607400b..b9f5e79f7a 100644 --- a/apps/myjobs/config/locales/en.yml +++ b/apps/myjobs/config/locales/en.yml @@ -16,8 +16,18 @@ # # This would use the information in config/locales/es.yml. # +# The following keys must be escaped otherwise they will not be retrieved by +# the default I18n backend: +# +# true, false, on, off, yes, no +# +# Instead, surround them with single quotes. +# +# en: +# 'true': 'foo' +# # To learn more, please read the Rails Internationalization guide -# available at http://guides.rubyonrails.org/i18n.html. +# available at https://guides.rubyonrails.org/i18n.html. en: jobcomposer: diff --git a/apps/myjobs/db/schema.rb b/apps/myjobs/db/schema.rb index fb1ee8b862..ce45e214cc 100644 --- a/apps/myjobs/db/schema.rb +++ b/apps/myjobs/db/schema.rb @@ -2,11 +2,11 @@ # of editing this file, please use the migrations feature of Active Record to # incrementally modify your database, and then regenerate this schema definition. # -# Note that this schema.rb definition is the authoritative source for your -# database schema. If you need to create the application database on another -# system, you should be using db:schema:load, not running all the migrations -# from scratch. The latter is a flawed and unsustainable approach (the more migrations -# you'll amass, the slower it'll run and the greater likelihood for issues). +# This file is the source Rails uses to define your schema when running `rails +# db:schema:load`. When creating a new database, `rails db:schema:load` tends to +# be faster and is potentially less error prone than running all of your +# migrations from scratch. Old migrations may fail to apply correctly if those +# migrations use external dependencies or application code. # # It's strongly recommended that you check this file into your version control system.