From 1bb68d370a9d23322c695b4825427f95fc048e10 Mon Sep 17 00:00:00 2001 From: dadachi Date: Fri, 6 Mar 2026 18:32:05 +0900 Subject: [PATCH 1/2] Upgrade Rails from 7.2.3 to 8.0.4 - Update config.load_defaults from 7.1 to 8.0 - Migrate all enum declarations to Rails 8.0 positional argument syntax - Remove old framework defaults file (7.2) - Remove SHA1 digest rotation and css_compressor workaround from config/application.rb - Update environment configs for Rails 8.0 defaults - Add :cvv, :cvc to filtered parameters - Update bin/dev to use overmind Co-Authored-By: Claude Opus 4.6 --- CLAUDE.md | 2 +- Gemfile | 2 +- Gemfile.lock | 148 +++++++++--------- app/models/app_version.rb | 4 +- app/models/item_tag.rb | 4 +- app/models/privacy_version.rb | 2 +- app/models/terms_version.rb | 2 +- bin/dev | 12 +- config/application.rb | 19 +-- config/environments/development.rb | 15 +- config/environments/production.rb | 47 ++---- config/environments/staging.rb | 44 ++---- config/environments/test.rb | 13 +- .../initializers/filter_parameter_logging.rb | 2 +- .../new_framework_defaults_7_2.rb | 70 --------- 15 files changed, 126 insertions(+), 260 deletions(-) delete mode 100644 config/initializers/new_framework_defaults_7_2.rb diff --git a/CLAUDE.md b/CLAUDE.md index 5016f1e..677c5c9 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -4,7 +4,7 @@ This file provides guidance to Claude Code (claude.ai/code) when working with co ## Project Overview -This is a Rails 7.2 API application that serves as the backend for NativeAppTemplate iOS/Android mobile applications. It's a multi-tenant SaaS application with token-based authentication, role-based authorization, and RESTful API endpoints. Ruby 4.0.1, PostgreSQL, Redis, Sidekiq. +This is a Rails 8.0 API application that serves as the backend for NativeAppTemplate iOS/Android mobile applications. It's a multi-tenant SaaS application with token-based authentication, role-based authorization, and RESTful API endpoints. Ruby 4.0.1, PostgreSQL, Redis, Sidekiq. ## Development Commands diff --git a/Gemfile b/Gemfile index 8b3de92..cf674b7 100644 --- a/Gemfile +++ b/Gemfile @@ -4,7 +4,7 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" } ruby file: ".ruby-version" # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem "rails", "~> 7.2.3" +gem "rails", "~> 8.0.0" gem "propshaft", "~> 1.0" diff --git a/Gemfile.lock b/Gemfile.lock index ab3fd1c..7198a9f 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -13,68 +13,65 @@ GEM specs: aasm (5.5.0) concurrent-ruby (~> 1.0) - actioncable (7.2.3) - actionpack (= 7.2.3) - activesupport (= 7.2.3) + actioncable (8.0.4) + actionpack (= 8.0.4) + activesupport (= 8.0.4) nio4r (~> 2.0) websocket-driver (>= 0.6.1) zeitwerk (~> 2.6) - actionmailbox (7.2.3) - actionpack (= 7.2.3) - activejob (= 7.2.3) - activerecord (= 7.2.3) - activestorage (= 7.2.3) - activesupport (= 7.2.3) + actionmailbox (8.0.4) + actionpack (= 8.0.4) + activejob (= 8.0.4) + activerecord (= 8.0.4) + activestorage (= 8.0.4) + activesupport (= 8.0.4) mail (>= 2.8.0) - actionmailer (7.2.3) - actionpack (= 7.2.3) - actionview (= 7.2.3) - activejob (= 7.2.3) - activesupport (= 7.2.3) + actionmailer (8.0.4) + actionpack (= 8.0.4) + actionview (= 8.0.4) + activejob (= 8.0.4) + activesupport (= 8.0.4) mail (>= 2.8.0) rails-dom-testing (~> 2.2) - actionpack (7.2.3) - actionview (= 7.2.3) - activesupport (= 7.2.3) - cgi + actionpack (8.0.4) + actionview (= 8.0.4) + activesupport (= 8.0.4) nokogiri (>= 1.8.5) - racc - rack (>= 2.2.4, < 3.3) + rack (>= 2.2.4) rack-session (>= 1.0.1) rack-test (>= 0.6.3) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) useragent (~> 0.16) - actiontext (7.2.3) - actionpack (= 7.2.3) - activerecord (= 7.2.3) - activestorage (= 7.2.3) - activesupport (= 7.2.3) + actiontext (8.0.4) + actionpack (= 8.0.4) + activerecord (= 8.0.4) + activestorage (= 8.0.4) + activesupport (= 8.0.4) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.2.3) - activesupport (= 7.2.3) + actionview (8.0.4) + activesupport (= 8.0.4) builder (~> 3.1) - cgi erubi (~> 1.11) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) - activejob (7.2.3) - activesupport (= 7.2.3) + activejob (8.0.4) + activesupport (= 8.0.4) globalid (>= 0.3.6) - activemodel (7.2.3) - activesupport (= 7.2.3) - activerecord (7.2.3) - activemodel (= 7.2.3) - activesupport (= 7.2.3) + activemodel (8.0.4) + activesupport (= 8.0.4) + activerecord (8.0.4) + activemodel (= 8.0.4) + activesupport (= 8.0.4) timeout (>= 0.4.0) - activestorage (7.2.3) - actionpack (= 7.2.3) - activejob (= 7.2.3) - activerecord (= 7.2.3) - activesupport (= 7.2.3) + activestorage (8.0.4) + actionpack (= 8.0.4) + activejob (= 8.0.4) + activerecord (= 8.0.4) + activesupport (= 8.0.4) marcel (~> 1.0) - activesupport (7.2.3) + activesupport (8.0.4) base64 benchmark (>= 0.3) bigdecimal @@ -86,6 +83,7 @@ GEM minitest (>= 5.1) securerandom (>= 0.3) tzinfo (~> 2.0, >= 2.0.5) + uri (>= 0.13.1) acts_as_tenant (1.0.1) rails (>= 6.0) addressable (2.8.7) @@ -120,7 +118,6 @@ GEM rack-test (>= 0.6.3) regexp_parser (>= 1.5, < 3.0) xpath (~> 3.2) - cgi (0.5.1) childprocess (5.1.0) logger (~> 1.5) chronic (0.10.2) @@ -147,12 +144,12 @@ GEM railties (>= 4.1.0) responders warden (~> 1.2.3) - devise_token_auth (1.2.5) + devise_token_auth (1.2.6) bcrypt (~> 3.0) devise (> 3.5.2, < 5) - rails (>= 4.2.0, < 8.1) + rails (>= 4.2.0, < 8.2) drb (2.2.3) - erb (6.0.1) + erb (6.0.2) erb_lint (0.9.0) activesupport better_html (>= 2.0.1) @@ -185,8 +182,9 @@ GEM activesupport (>= 3.0) nokogiri (>= 1.6) io-console (0.8.2) - irb (1.16.0) + irb (1.17.0) pp (>= 0.6.0) + prism (>= 1.3.0) rdoc (>= 4.0.0) reline (>= 0.4.2) jbuilder (2.13.0) @@ -225,7 +223,7 @@ GEM mini_portile2 (2.8.9) minitest (5.27.0) msgpack (1.8.0) - net-imap (0.6.2) + net-imap (0.6.3) date net-protocol net-pop (0.1.2) @@ -235,18 +233,18 @@ GEM net-smtp (0.5.1) net-protocol nio4r (2.7.5) - nokogiri (1.19.0) + nokogiri (1.19.1) mini_portile2 (~> 2.8.2) racc (~> 1.4) - nokogiri (1.19.0-aarch64-linux-gnu) + nokogiri (1.19.1-aarch64-linux-gnu) racc (~> 1.4) - nokogiri (1.19.0-arm-linux-gnu) + nokogiri (1.19.1-arm-linux-gnu) racc (~> 1.4) - nokogiri (1.19.0-arm64-darwin) + nokogiri (1.19.1-arm64-darwin) racc (~> 1.4) - nokogiri (1.19.0-x86_64-darwin) + nokogiri (1.19.1-x86_64-darwin) racc (~> 1.4) - nokogiri (1.19.0-x86_64-linux-gnu) + nokogiri (1.19.1-x86_64-linux-gnu) racc (~> 1.4) orm_adapter (0.5.0) ostruct (0.6.1) @@ -290,31 +288,30 @@ GEM rack (>= 1.3) rackup (2.3.1) rack (>= 3) - rails (7.2.3) - actioncable (= 7.2.3) - actionmailbox (= 7.2.3) - actionmailer (= 7.2.3) - actionpack (= 7.2.3) - actiontext (= 7.2.3) - actionview (= 7.2.3) - activejob (= 7.2.3) - activemodel (= 7.2.3) - activerecord (= 7.2.3) - activestorage (= 7.2.3) - activesupport (= 7.2.3) + rails (8.0.4) + actioncable (= 8.0.4) + actionmailbox (= 8.0.4) + actionmailer (= 8.0.4) + actionpack (= 8.0.4) + actiontext (= 8.0.4) + actionview (= 8.0.4) + activejob (= 8.0.4) + activemodel (= 8.0.4) + activerecord (= 8.0.4) + activestorage (= 8.0.4) + activesupport (= 8.0.4) bundler (>= 1.15.0) - railties (= 7.2.3) + railties (= 8.0.4) rails-dom-testing (2.3.0) activesupport (>= 5.0.0) minitest nokogiri (>= 1.6) - rails-html-sanitizer (1.6.2) - loofah (~> 2.21) + rails-html-sanitizer (1.7.0) + loofah (~> 2.25) nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0) - railties (7.2.3) - actionpack (= 7.2.3) - activesupport (= 7.2.3) - cgi + railties (8.0.4) + actionpack (= 8.0.4) + activesupport (= 8.0.4) irb (~> 1.13) rackup (>= 1.0.0) rake (>= 12.2) @@ -323,7 +320,7 @@ GEM zeitwerk (~> 2.6) rainbow (3.1.1) rake (13.3.1) - rdoc (7.0.3) + rdoc (7.2.0) erb psych (>= 4.0.0) tsort @@ -408,6 +405,7 @@ GEM unicode-display_width (3.2.0) unicode-emoji (~> 4.1) unicode-emoji (4.2.0) + uri (1.1.1) useragent (0.16.11) valid_email2 (7.0.0) activemodel (>= 6.0) @@ -432,7 +430,7 @@ GEM chronic (>= 0.6.3) xpath (3.2.0) nokogiri (~> 1.8) - zeitwerk (2.7.4) + zeitwerk (2.7.5) PLATFORMS aarch64-linux @@ -472,7 +470,7 @@ DEPENDENCIES pundit rack-attack rack-cors - rails (~> 7.2.3) + rails (~> 8.0.0) redis (~> 5.1) rubocop-rails-omakase seed-fu (~> 2.3) diff --git a/app/models/app_version.rb b/app/models/app_version.rb index 3b02335..8e398d9 100644 --- a/app/models/app_version.rb +++ b/app/models/app_version.rb @@ -1,6 +1,6 @@ class AppVersion < ApplicationRecord - enum current_type: {uncurrent: 1, current: 2} - enum forced_update_type: {unforced_update: 1, forced_update: 2} + enum :current_type, {uncurrent: 1, current: 2} + enum :forced_update_type, {unforced_update: 1, forced_update: 2} def self.current_version(platform:) AppVersion diff --git a/app/models/item_tag.rb b/app/models/item_tag.rb index 9b537b8..e00ad55 100644 --- a/app/models/item_tag.rb +++ b/app/models/item_tag.rb @@ -7,8 +7,8 @@ class ItemTag < ApplicationRecord belongs_to :created_by, class_name: "Shopkeeper", optional: true belongs_to :completed_by, class_name: "Shopkeeper", optional: true - enum state: {idled: 1, completed: 2} - enum scan_state: {unscanned: 1, scanned: 2} + enum :state, {idled: 1, completed: 2} + enum :scan_state, {unscanned: 1, scanned: 2} scope :sorted, -> { order(queue_number: :asc) } scope :sorted_recent_first_order, -> { order(completed_at: :desc) } diff --git a/app/models/privacy_version.rb b/app/models/privacy_version.rb index 224150f..cdc1d50 100644 --- a/app/models/privacy_version.rb +++ b/app/models/privacy_version.rb @@ -1,5 +1,5 @@ class PrivacyVersion < ApplicationRecord - enum current_type: {uncurrent: 1, current: 2} + enum :current_type, {uncurrent: 1, current: 2} def self.current_version PrivacyVersion diff --git a/app/models/terms_version.rb b/app/models/terms_version.rb index 2e8e9ed..0fd3efc 100644 --- a/app/models/terms_version.rb +++ b/app/models/terms_version.rb @@ -1,5 +1,5 @@ class TermsVersion < ApplicationRecord - enum current_type: {uncurrent: 1, current: 2} + enum :current_type, {uncurrent: 1, current: 2} def self.current_version TermsVersion diff --git a/bin/dev b/bin/dev index b8f0fc2..904ab75 100755 --- a/bin/dev +++ b/bin/dev @@ -3,12 +3,8 @@ # Default to port 3000 if not specified export PORT="${PORT:-3000}" -if command -v overmind > /dev/null 2>&1; then - exec overmind start -f Procfile.dev "$@" -else - if ! gem list foreman -i --silent; then - echo "Installing foreman..." - gem install foreman - fi - exec foreman start -f Procfile.dev "$@" +if ! command -v overmind 2>&1 >/dev/null; then + gem install overmind fi + +exec overmind start -T -f Procfile.dev "$@" diff --git a/config/application.rb b/config/application.rb index a824a90..24d722e 100644 --- a/config/application.rb +++ b/config/application.rb @@ -9,7 +9,7 @@ module Nativeapptemplateapi class Application < Rails::Application # Initialize configuration defaults for originally generated Rails version. - config.load_defaults 7.1 + config.load_defaults 8.0 # Please, add to the `ignore` list any other `lib` subdirectories that do # not contain `.rb` files, or that should not be reloaded or eager loaded. @@ -40,23 +40,6 @@ class Application < Rails::Application # Use default language as fallback if translation is missing config.i18n.fallbacks = true - # Prevent sassc-rails from setting sass as the compressor - # Libsass is deprecated and doesn't support modern CSS syntax used by TailwindCSS - config.assets.css_compressor = nil - - # Rails 7 defaults to libvips as the variant processor - # libvips is up to 10x faster and consumes 1/10th the memory of imagemagick - # If you need to use imagemagick, uncomment this to switch - # config.active_storage.variant_processor = :mini_magick - - # Support older SHA1 digests for ActiveStorage so ActionText attachments don't break - config.after_initialize do |app| - app.message_verifier("ActiveStorage").rotate(digest: "SHA1") - end - - # Support older SHA1 digests for ActiveRecord::Encryption - config.active_record.encryption.support_sha1_for_non_deterministic_encryption = true - config.active_model.i18n_customize_full_message = true # https://github.com/heartcombo/devise/issues/4825 diff --git a/config/environments/development.rb b/config/environments/development.rb index 5dc6d4e..0a58111 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -23,15 +23,13 @@ if Rails.root.join("tmp/caching-dev.txt").exist? config.action_controller.perform_caching = true config.action_controller.enable_fragment_cache_logging = true - - config.cache_store = :memory_store config.public_file_server.headers = {"Cache-Control" => "public, max-age=#{2.days.to_i}"} else config.action_controller.perform_caching = false - - config.cache_store = :null_store end + config.cache_store = :memory_store + # Store uploaded files on the local file system (see config/storage.yml for options). config.active_storage.service = :local @@ -45,18 +43,15 @@ # Print deprecation notices to the Rails logger. config.active_support.deprecation = :log - # Raise exceptions for disallowed deprecations. - config.active_support.disallowed_deprecation = :raise - - # Tell Active Support which deprecation messages to disallow. - config.active_support.disallowed_deprecation_warnings = [] - # Raise an error on page load if there are pending migrations. config.active_record.migration_error = :page_load # Highlight code that triggered database queries in logs. config.active_record.verbose_query_logs = true + # Append comments with runtime information tags to SQL queries in logs. + config.active_record.query_log_tags_enabled = true + # Highlight code that enqueued background job in logs. config.active_job.verbose_enqueue_logs = true diff --git a/config/environments/production.rb b/config/environments/production.rb index ab98608..a35aaf3 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -6,22 +6,20 @@ # Code is not reloaded between requests. config.enable_reloading = false - # Eager load code on boot. This eager loads most of Rails and - # your application in memory, allowing both threaded web servers - # and those relying on copy on write to perform better. - # Rake tasks automatically ignore this option for performance. + # Eager load code on boot for better performance and memory savings (ignored by Rake tasks). config.eager_load = true - # Full error reports are disabled and caching is turned on. + # Full error reports are disabled. config.consider_all_requests_local = false + + # Turn on fragment caching in view templates. config.action_controller.perform_caching = true - # Ensures that a master key has been made available in ENV["RAILS_MASTER_KEY"], config/master.key, or an environment - # key such as config/credentials/production.key. This key is used to decrypt credentials (and other encrypted files). - # config.require_master_key = true + # Cache assets for far-future expiry since they are all digest stamped. + config.public_file_server.headers = {"cache-control" => "public, max-age=#{1.year.to_i}"} - # Disable serving static files from `public/`, relying on NGINX/Apache to do so instead. - # config.public_file_server.enabled = false + # Enable serving of images, stylesheets, and JavaScripts from an asset server. + # config.asset_host = "http://assets.example.com" # Compress CSS using a preprocessor. config.assets.css_compressor = nil @@ -29,13 +27,6 @@ # Do not fall back to assets pipeline if a precompiled asset is missed. config.assets.compile = false - # Enable serving of images, stylesheets, and JavaScripts from an asset server. - # config.asset_host = "http://assets.example.com" - - # Specifies the header that your server uses for sending files. - # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache - # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX - # Store uploaded files on the local file system (see config/storage.yml for options). config.active_storage.service = :local @@ -54,21 +45,18 @@ # Skip http-to-https redirect for the default health check endpoint. # config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } } - # Log to STDOUT by default - config.logger = ActiveSupport::Logger.new($stdout) - .tap { |logger| logger.formatter = ::Logger::Formatter.new } - .then { |logger| ActiveSupport::TaggedLogging.new(logger) } - - # Prepend all log lines with the following tags. + # Log to STDOUT with the current request id as a default log tag. config.log_tags = [:request_id] + config.logger = ActiveSupport::TaggedLogging.logger($stdout) - # "info" includes generic and useful information about system operation, but avoids logging too much - # information to avoid inadvertent exposure of personally identifiable information (PII). If you - # want to log everything, set the level to "debug". + # Change to "debug" to log everything (including potentially personally-identifiable information!). config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info") - # Use a different cache store in production. - # config.cache_store = :mem_cache_store + # Prevent health checks from clogging up the logs. + config.silence_healthcheck_path = "/up" + + # Don't log any deprecations. + config.active_support.report_deprecations = false # Use a real queuing backend for Active Job (and separate queues per environment). config.active_job.queue_adapter = :sidekiq @@ -84,9 +72,6 @@ # the I18n.default_locale when a translation cannot be found). config.i18n.fallbacks = true - # Don't log any deprecations. - config.active_support.report_deprecations = false - # Do not dump schema after migrations. config.active_record.dump_schema_after_migration = false diff --git a/config/environments/staging.rb b/config/environments/staging.rb index 2650ce6..8833392 100644 --- a/config/environments/staging.rb +++ b/config/environments/staging.rb @@ -6,22 +6,20 @@ # Code is not reloaded between requests. config.enable_reloading = false - # Eager load code on boot. This eager loads most of Rails and - # your application in memory, allowing both threaded web servers - # and those relying on copy on write to perform better. - # Rake tasks automatically ignore this option for performance. + # Eager load code on boot for better performance and memory savings (ignored by Rake tasks). config.eager_load = true - # Full error reports are disabled and caching is turned on. + # Full error reports are disabled. config.consider_all_requests_local = false + + # Turn on fragment caching in view templates. config.action_controller.perform_caching = true - # Ensures that a master key has been made available in ENV["RAILS_MASTER_KEY"], config/master.key, or an environment - # key such as config/credentials/production.key. This key is used to decrypt credentials (and other encrypted files). - # config.require_master_key = true + # Cache assets for far-future expiry since they are all digest stamped. + config.public_file_server.headers = {"cache-control" => "public, max-age=#{1.year.to_i}"} - # Disable serving static files from `public/`, relying on NGINX/Apache to do so instead. - # config.public_file_server.enabled = false + # Enable serving of images, stylesheets, and JavaScripts from an asset server. + # config.asset_host = "http://assets.example.com" # Compress CSS using a preprocessor. config.assets.css_compressor = nil @@ -29,13 +27,6 @@ # Do not fallback to assets pipeline if a precompiled asset is missed. config.assets.compile = false - # Enable serving of images, stylesheets, and JavaScripts from an asset server. - # config.asset_host = "http://assets.example.com" - - # Specifies the header that your server uses for sending files. - # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache - # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX - # Store uploaded files on the local file system (see config/storage.yml for options). config.active_storage.service = :local @@ -54,21 +45,18 @@ # Skip http-to-https redirect for the default health check endpoint. # config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } } - # Log to STDOUT by default - config.logger = ActiveSupport::Logger.new($stdout) - .tap { |logger| logger.formatter = ::Logger::Formatter.new } - .then { |logger| ActiveSupport::TaggedLogging.new(logger) } - - # Prepend all log lines with the following tags. + # Log to STDOUT with the current request id as a default log tag. config.log_tags = [:request_id] + config.logger = ActiveSupport::TaggedLogging.logger($stdout) - # "info" includes generic and useful information about system operation, but avoids logging too much - # information to avoid inadvertent exposure of personally identifiable information (PII). If you - # want to log everything, set the level to "debug". + # Change to "debug" to log everything (including potentially personally-identifiable information!) config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info") - # Use a different cache store in production. - # config.cache_store = :mem_cache_store + # Prevent health checks from clogging up the logs. + config.silence_healthcheck_path = "/up" + + # Don't log any deprecations. + config.active_support.report_deprecations = false # Use a real queuing backend for Active Job (and separate queues per environment). config.active_job.queue_adapter = :sidekiq diff --git a/config/environments/test.rb b/config/environments/test.rb index 3a6e5be..411227e 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -17,12 +17,11 @@ # loading is working properly before deploying your code. config.eager_load = ENV["CI"].present? - # Configure public file server for tests with Cache-Control for performance. - config.public_file_server.headers = {"Cache-Control" => "public, max-age=#{1.hour.to_i}"} + # Configure public file server for tests with cache-control for performance. + config.public_file_server.headers = {"cache-control" => "public, max-age=3600"} # Show full error reports and disable caching. config.consider_all_requests_local = true - config.action_controller.perform_caching = false config.cache_store = :null_store # Render exception templates for rescuable exceptions and raise for other exceptions. @@ -34,8 +33,6 @@ # Store uploaded files on the local file system in a temporary directory. config.active_storage.service = :test - config.action_mailer.perform_caching = false - # Tell Action Mailer not to deliver emails to the real world. # The :test delivery method accumulates sent emails in the # ActionMailer::Base.deliveries array. @@ -48,12 +45,6 @@ # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr - # Raise exceptions for disallowed deprecations. - config.active_support.disallowed_deprecation = :raise - - # Tell Active Support which deprecation messages to disallow. - config.active_support.disallowed_deprecation_warnings = [] - # Raises error for missing translations. config.i18n.raise_on_missing_translations = true diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb index d86fc2e..8492a87 100644 --- a/config/initializers/filter_parameter_logging.rb +++ b/config/initializers/filter_parameter_logging.rb @@ -4,7 +4,7 @@ # Use this to limit dissemination of sensitive information. # See the ActiveSupport::ParameterFilter documentation for supported notations and behaviors. Rails.application.config.filter_parameters += [ - :passw, :email, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn, + :passw, :email, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn, :cvv, :cvc, :otp_attempt, :name, :first_name, diff --git a/config/initializers/new_framework_defaults_7_2.rb b/config/initializers/new_framework_defaults_7_2.rb deleted file mode 100644 index b549c4a..0000000 --- a/config/initializers/new_framework_defaults_7_2.rb +++ /dev/null @@ -1,70 +0,0 @@ -# Be sure to restart your server when you modify this file. -# -# This file eases your Rails 7.2 framework defaults upgrade. -# -# Uncomment each configuration one by one to switch to the new default. -# Once your application is ready to run with all new defaults, you can remove -# this file and set the `config.load_defaults` to `7.2`. -# -# Read the Guide for Upgrading Ruby on Rails for more info on each option. -# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html - -### -# Controls whether Active Job's `#perform_later` and similar methods automatically defer -# the job queuing to after the current Active Record transaction is committed. -# -# Example: -# Topic.transaction do -# topic = Topic.create(...) -# NewTopicNotificationJob.perform_later(topic) -# end -# -# In this example, if the configuration is set to `:never`, the job will -# be enqueued immediately, even though the `Topic` hasn't been committed yet. -# Because of this, if the job is picked up almost immediately, or if the -# transaction doesn't succeed for some reason, the job will fail to find this -# topic in the database. -# -# If `enqueue_after_transaction_commit` is set to `:default`, the queue adapter -# will define the behaviour. -# -# Note: Active Job backends can disable this feature. This is generally done by -# backends that use the same database as Active Record as a queue, hence they -# don't need this feature. -#++ -# Rails.application.config.active_job.enqueue_after_transaction_commit = :default - -### -# Adds image/webp to the list of content types Active Storage considers as an image -# Prevents automatic conversion to a fallback PNG, and assumes clients support WebP, as they support gif, jpeg, and png. -# This is possible due to broad browser support for WebP, but older browsers and email clients may still not support -# WebP. Requires imagemagick/libvips built with WebP support. -#++ -# Rails.application.config.active_storage.web_image_content_types = %w[image/png image/jpeg image/gif image/webp] - -### -# Enable validation of migration timestamps. When set, an ActiveRecord::InvalidMigrationTimestampError -# will be raised if the timestamp prefix for a migration is more than a day ahead of the timestamp -# associated with the current time. This is done to prevent forward-dating of migration files, which can -# impact migration generation and other migration commands. -# -# Applications with existing timestamped migrations that do not adhere to the -# expected format can disable validation by setting this config to `false`. -#++ -# Rails.application.config.active_record.validate_migration_timestamps = true - -### -# Controls whether the PostgresqlAdapter should decode dates automatically with manual queries. -# -# Example: -# ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.select_value("select '2024-01-01'::date") #=> Date -# -# This query used to return a `String`. -#++ -# Rails.application.config.active_record.postgresql_adapter_decode_dates = true - -### -# Enables YJIT as of Ruby 3.3, to bring sizeable performance improvements. If you are -# deploying to a memory constrained environment you may want to set this to `false`. -#++ -# Rails.application.config.yjit = true From 1f734c666476327b049479be9d041abafbaae26a Mon Sep 17 00:00:00 2001 From: dadachi Date: Fri, 6 Mar 2026 18:33:13 +0900 Subject: [PATCH 2/2] Add new_framework_defaults_8_0.rb initializer Co-Authored-By: Claude Opus 4.6 --- .../new_framework_defaults_8_0.rb | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 config/initializers/new_framework_defaults_8_0.rb diff --git a/config/initializers/new_framework_defaults_8_0.rb b/config/initializers/new_framework_defaults_8_0.rb new file mode 100644 index 0000000..92efa95 --- /dev/null +++ b/config/initializers/new_framework_defaults_8_0.rb @@ -0,0 +1,30 @@ +# Be sure to restart your server when you modify this file. +# +# This file eases your Rails 8.0 framework defaults upgrade. +# +# Uncomment each configuration one by one to switch to the new default. +# Once your application is ready to run with all new defaults, you can remove +# this file and set the `config.load_defaults` to `8.0`. +# +# Read the Guide for Upgrading Ruby on Rails for more info on each option. +# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html + +### +# Specifies whether `to_time` methods preserve the UTC offset of their receivers or preserves the timezone. +# If set to `:zone`, `to_time` methods will use the timezone of their receivers. +# If set to `:offset`, `to_time` methods will use the UTC offset. +# If `false`, `to_time` methods will convert to the local system UTC offset instead. +#++ +# Rails.application.config.active_support.to_time_preserves_timezone = :zone + +### +# When both `If-Modified-Since` and `If-None-Match` are provided by the client +# only consider `If-None-Match` as specified by RFC 7232 Section 6. +# If set to `false` both conditions need to be satisfied. +#++ +# Rails.application.config.action_dispatch.strict_freshness = true + +### +# Set `Regexp.timeout` to `1`s by default to improve security over Regexp Denial-of-Service attacks. +#++ +# Regexp.timeout = 1