Upgrade to Rails 7.1 and apply new framework defaults

* Remove deprecated options from environments * Remove deprecation warnings for upcoming Rails 7.2 * Dump schema with new defaults * Remove outdated (and erroneous) data attribute in view * Resolve a `NoMethodError` for seeds_spec.rb
2023-10-13 15:33:05 +02:00
parent 10c9378b11
commit 28d9e38fe5
16 changed files with 198 additions and 135 deletions
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@ -68,10 +68,10 @@ Rails.application.configure do
    CSP.apply_sentry_settings_for   policy if SentryJavascript.active?
  end

-  # Generate session nonces for permitted importmap and inline scripts
+  # Generate session nonces for permitted importmap, inline scripts, and inline styles.
  # config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
-  # config.content_security_policy_nonce_directives = %w[script-src]
+  # config.content_security_policy_nonce_directives = %w[script-src style-src]

-  # Report violations without enforcing the policy
+  # Report violations without enforcing the policy.
  # config.content_security_policy_report_only = true
 end
--- a/config/initializers/filter_parameter_logging.rb
+++ b/config/initializers/filter_parameter_logging.rb
@ -2,9 +2,9 @@

 # Be sure to restart your server when you modify this file.

-# Configure parameters to be filtered from the log file. Use this to limit dissemination of
-# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
-# notations and behaviors.
+# Configure parameters to be partially matched (e.g. passw matches password) and filtered from the log file.
+# Use this to limit dissemination of sensitive information.
+# See the ActiveSupport::ParameterFilter documentation for supported notations and behaviors.
 Rails.application.config.filter_parameters += %i[
  passw secret token _key crypt salt certificate otp ssn
 ]
--- a/config/initializers/monkey_patches.rb
+++ b/config/initializers/monkey_patches.rb
@ -17,3 +17,11 @@ module WillPaginate
    end
  end
 end
+
+# Temporary required for Rails 7.1+ and Slim 5.1+.
+# TODO: No GitHub issue yet
+module ActionView
+  class OutputBuffer
+    alias + concat
+  end
+end
--- a/config/initializers/permissions_policy.rb
+++ b/config/initializers/permissions_policy.rb
@ -1,7 +1,9 @@
 # frozen_string_literal: true

+# Be sure to restart your server when you modify this file.
+
 # Define an application-wide HTTP permissions policy. For further
-# information see https://developers.google.com/web/updates/2018/06/feature-policy
+# information see: https://developers.google.com/web/updates/2018/06/feature-policy
 # TODO: Feature-Policy has been renamed to Permissions-Policy. The Permissions-Policy is
 #       not yet supported by Rails (even though the new name is already used for the method)
 Rails.application.config.permissions_policy do |policy|
@ -19,8 +21,5 @@ Rails.application.config.permissions_policy do |policy|
  policy.payment              :none
  policy.picture_in_picture   :none
  # The `speaker` directive is used for selection of non-default audio output devices
-  policy.speaker              :none
  policy.usb                  :none
-  policy.vibrate              :none
-  policy.vr                   :none
 end