WA-RAILS7-020: ActiveRecord attribute API audit

[kitcommerce]

Fixes #751.

What changed

• Audited the codebase for ActiveRecord::Type usage (none found).
• Added a Rails 7.0 compatibility Gemfile for CI coverage.
• Hardened boot against Rails 7-era dependency changes:
  • Guard Redis.sadd_returns_boolean= for redis-rb 5+
  • Ensure Sidekiq::Callbacks is loaded before config validation

Verification

• rg ActiveRecord::Type → no matches
• BUNDLE_GEMFILE=gemfiles/rails_7_0.gemfile bundle install

Client impact

None expected.

[kitcommerce]

Simplicity Review

Verdict: ✅ APPROVED — No simplicity concerns

Reviewed by: Kit (simplicity-reviewer) | Wave 1

---

This PR is a textbook example of proportional complexity. Four small changes, each solving exactly what's needed:

• engine.rb — Redis.respond_to?(:sadd_returns_boolean=) is the canonical Ruby idiom for version-safe method calls. No abstraction, no indirection.
• sidekiq.rb — require ... unless defined?(...) guard is idiomatic and minimal. One line solves the load-order issue.
• rails_7_0.gemfile — 5 lines. Inherits the parent Gemfile, pins one gem. Could not be simpler.
• ci.yml — 3 lines to add a CI matrix entry. Perfectly proportional.

No new abstractions, no protocols, no factories, no generics, no premature generalization. The scaffolding is exactly proportional to the need.

Nothing to flag here.

[kitcommerce]

Rails Conventions Review

{
  "reviewer": "rails-conventions",
  "verdict": "PASS",
  "severity": null,
  "summary": "No Rails convention violations found — diff is scoped to CI matrix config, defensive boot guards, and a multi-Gemfile pin.",
  "findings": []
}

This PR makes no changes to controllers, models, routes, scopes, callbacks, service objects, or ActiveRecord queries — the areas this reviewer evaluates. The changes present are:

• **** — CI matrix entry for Rails 7.0 (experimental). Infrastructure only.
• **** — guard on . This is the idiomatic Ruby way to handle an API that may or may not exist depending on gem version.
• **** — . Standard Rails auto-load guard; correct placement in engine configuration.
• **** — + pinned Rails 7.0.10. Textbook multi-Gemfile pattern for version matrix CI.

All patterns here work with the framework grain rather than against it. Nothing to flag.

[kitcommerce]

🔒 Security Review

{
  "reviewer": "security",
  "verdict": "PASS",
  "severity": null,
  "summary": "No security concerns — changes are limited to CI configuration, boot-order guards, and a new gemfile with no attack surface.",
  "findings": []
}

Scope reviewed: CI matrix addition, respond_to? guard on Redis config setter, conditional require for Sidekiq::Callbacks, and eval_gemfile-based Rails 7.0 gemfile. No secrets, auth logic, input handling, cryptography, or data exposure paths are touched.

[kitcommerce]

🏗️ Architecture Review

{
  "reviewer": "architecture",
  "verdict": "PASS",
  "severity": null,
  "summary": "Minimal defensive changes that respect existing module boundaries and introduce no new coupling.",
  "findings": []
}

Notes:

• CI matrix addition (ci.yml, rails_7_0.gemfile): Follows the established gemfile-per-Rails-version pattern. eval_gemfile delegation to the root Gemfile keeps dependency declaration centralized. No concerns.
• Redis guard (engine.rb): respond_to? check is a standard cross-version compatibility idiom. Keeps the engine boot path resilient without introducing any new abstractions or dependencies.
• Sidekiq::Callbacks require guard (sidekiq.rb): Defensive require before assert_valid_config! ensures correct load ordering. This stays within the existing configuration module — no layer violation, no new coupling.

All changes are localized, defensive, and consistent with the existing architecture. No new abstractions, no coupling introduced, no boundary violations.