Rails 7.1 upgrade

Turned on assume_ssl to fix issue with HTTP headers
2023-09-29 15:53:32 +01:00 · 2023-09-29 15:53:32 +01:00 · 0a4bfa86f9
parent a4cc6d1e3f
commit 0a4bfa86f9
14 changed files with 400 additions and 85 deletions
--- a/2
+++ b/2
@ -3,7 +3,7 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 ruby "3.2.2"
-gem "rails", "~> 7.0"
+gem "rails", "~> 7.1.0.rc1"
 gem "sprockets-rails"
 gem "pg"
 gem "puma"
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -1,75 +1,85 @@
 GEM
  remote: https://rubygems.org/
  specs:
-    actioncable (7.0.6)
+    actioncable (7.1.0.rc1)
-      actionpack (= 7.0.6)
+      actionpack (= 7.1.0.rc1)
-      activesupport (= 7.0.6)
+      activesupport (= 7.1.0.rc1)
      nio4r (~> 2.0)
      websocket-driver (>= 0.6.1)
-    actionmailbox (7.0.6)
+      zeitwerk (~> 2.6)
-      actionpack (= 7.0.6)
+    actionmailbox (7.1.0.rc1)
-      activejob (= 7.0.6)
+      actionpack (= 7.1.0.rc1)
-      activerecord (= 7.0.6)
+      activejob (= 7.1.0.rc1)
-      activestorage (= 7.0.6)
+      activerecord (= 7.1.0.rc1)
-      activesupport (= 7.0.6)
+      activestorage (= 7.1.0.rc1)
      activesupport (= 7.1.0.rc1)
      mail (>= 2.7.1)
      net-imap
      net-pop
      net-smtp
-    actionmailer (7.0.6)
+    actionmailer (7.1.0.rc1)
-      actionpack (= 7.0.6)
+      actionpack (= 7.1.0.rc1)
-      actionview (= 7.0.6)
+      actionview (= 7.1.0.rc1)
-      activejob (= 7.0.6)
+      activejob (= 7.1.0.rc1)
-      activesupport (= 7.0.6)
+      activesupport (= 7.1.0.rc1)
      mail (~> 2.5, >= 2.5.4)
      net-imap
      net-pop
      net-smtp
-      rails-dom-testing (~> 2.0)
+      rails-dom-testing (~> 2.2)
-    actionpack (7.0.6)
+    actionpack (7.1.0.rc1)
-      actionview (= 7.0.6)
+      actionview (= 7.1.0.rc1)
-      activesupport (= 7.0.6)
+      activesupport (= 7.1.0.rc1)
-      rack (~> 2.0, >= 2.2.4)
+      nokogiri (>= 1.8.5)
      rack (>= 2.2.4)
      rack-session (>= 1.0.1)
      rack-test (>= 0.6.3)
-      rails-dom-testing (~> 2.0)
+      rails-dom-testing (~> 2.2)
-      rails-html-sanitizer (~> 1.0, >= 1.2.0)
+      rails-html-sanitizer (~> 1.6)
-    actiontext (7.0.6)
+    actiontext (7.1.0.rc1)
-      actionpack (= 7.0.6)
+      actionpack (= 7.1.0.rc1)
-      activerecord (= 7.0.6)
+      activerecord (= 7.1.0.rc1)
-      activestorage (= 7.0.6)
+      activestorage (= 7.1.0.rc1)
-      activesupport (= 7.0.6)
+      activesupport (= 7.1.0.rc1)
      globalid (>= 0.6.0)
      nokogiri (>= 1.8.5)
-    actionview (7.0.6)
+    actionview (7.1.0.rc1)
-      activesupport (= 7.0.6)
+      activesupport (= 7.1.0.rc1)
      builder (~> 3.1)
-      erubi (~> 1.4)
+      erubi (~> 1.11)
-      rails-dom-testing (~> 2.0)
+      rails-dom-testing (~> 2.2)
-      rails-html-sanitizer (~> 1.1, >= 1.2.0)
+      rails-html-sanitizer (~> 1.6)
-    activejob (7.0.6)
+    activejob (7.1.0.rc1)
-      activesupport (= 7.0.6)
+      activesupport (= 7.1.0.rc1)
      globalid (>= 0.3.6)
-    activemodel (7.0.6)
+    activemodel (7.1.0.rc1)
-      activesupport (= 7.0.6)
+      activesupport (= 7.1.0.rc1)
-    activerecord (7.0.6)
+    activerecord (7.1.0.rc1)
-      activemodel (= 7.0.6)
+      activemodel (= 7.1.0.rc1)
-      activesupport (= 7.0.6)
+      activesupport (= 7.1.0.rc1)
-    activestorage (7.0.6)
+      timeout (>= 0.4.0)
-      actionpack (= 7.0.6)
+    activestorage (7.1.0.rc1)
-      activejob (= 7.0.6)
+      actionpack (= 7.1.0.rc1)
-      activerecord (= 7.0.6)
+      activejob (= 7.1.0.rc1)
-      activesupport (= 7.0.6)
+      activerecord (= 7.1.0.rc1)
      activesupport (= 7.1.0.rc1)
      marcel (~> 1.0)
-      mini_mime (>= 1.1.0)
+    activesupport (7.1.0.rc1)
-    activesupport (7.0.6)
+      base64
      bigdecimal
      concurrent-ruby (~> 1.0, >= 1.0.2)
      connection_pool (>= 2.2.5)
      drb
      i18n (>= 1.6, < 2)
      minitest (>= 5.1)
      mutex_m
      tzinfo (~> 2.0)
    addressable (2.8.5)
      public_suffix (>= 2.0.2, < 6.0)
    base64 (0.1.1)
    bcrypt (3.1.19)
    bcrypt_pbkdf (1.1.0)
    bigdecimal (3.1.4)
    bindex (0.8.1)
    bootsnap (1.16.0)
      msgpack (~> 1.2)
@ -84,12 +94,15 @@ GEM
      regexp_parser (>= 1.5, < 3.0)
      xpath (~> 3.2)
    concurrent-ruby (1.2.2)
    connection_pool (2.4.1)
    crass (1.0.6)
    date (3.3.3)
    debug (1.8.0)
      irb (>= 1.5.0)
      reline (>= 0.3.1)
    dotenv (2.8.1)
    drb (2.1.1)
      ruby2_keywords
    ed25519 (1.3.0)
    erubi (1.12.0)
    globalid (1.1.0)
@ -125,10 +138,10 @@ GEM
      net-smtp
    marcel (1.0.2)
    matrix (0.4.2)
    method_source (1.0.0)
    mini_mime (1.1.5)
    minitest (5.19.0)
    msgpack (1.7.2)
    mutex_m (0.1.2)
    net-imap (0.3.7)
      date
      net-protocol
@ -138,7 +151,7 @@ GEM
      timeout
    net-scp (4.0.0)
      net-ssh (>= 2.6.5, < 8.0.0)
-    net-smtp (0.3.3)
+    net-smtp (0.4.0)
      net-protocol
    net-ssh (7.2.0)
    nio4r (2.5.9)
@ -152,22 +165,27 @@ GEM
      nio4r (~> 2.0)
    racc (1.7.1)
    rack (2.2.8)
    rack-session (1.0.1)
      rack (< 3)
    rack-test (2.1.0)
      rack (>= 1.3)
-    rails (7.0.6)
+    rackup (1.0.0)
-      actioncable (= 7.0.6)
+      rack (< 3)
-      actionmailbox (= 7.0.6)
+      webrick
-      actionmailer (= 7.0.6)
+    rails (7.1.0.rc1)
-      actionpack (= 7.0.6)
+      actioncable (= 7.1.0.rc1)
-      actiontext (= 7.0.6)
+      actionmailbox (= 7.1.0.rc1)
-      actionview (= 7.0.6)
+      actionmailer (= 7.1.0.rc1)
-      activejob (= 7.0.6)
+      actionpack (= 7.1.0.rc1)
-      activemodel (= 7.0.6)
+      actiontext (= 7.1.0.rc1)
-      activerecord (= 7.0.6)
+      actionview (= 7.1.0.rc1)
-      activestorage (= 7.0.6)
+      activejob (= 7.1.0.rc1)
-      activesupport (= 7.0.6)
+      activemodel (= 7.1.0.rc1)
      activerecord (= 7.1.0.rc1)
      activestorage (= 7.1.0.rc1)
      activesupport (= 7.1.0.rc1)
      bundler (>= 1.15.0)
-      railties (= 7.0.6)
+      railties (= 7.1.0.rc1)
    rails-dom-testing (2.2.0)
      activesupport (>= 5.0.0)
      minitest
@ -175,18 +193,20 @@ GEM
    rails-html-sanitizer (1.6.0)
      loofah (~> 2.21)
      nokogiri (~> 1.14)
-    railties (7.0.6)
+    railties (7.1.0.rc1)
-      actionpack (= 7.0.6)
+      actionpack (= 7.1.0.rc1)
-      activesupport (= 7.0.6)
+      activesupport (= 7.1.0.rc1)
-      method_source
+      irb
      rackup (>= 1.0.0)
      rake (>= 12.2)
-      thor (~> 1.0)
+      thor (~> 1.0, >= 1.2.2)
-      zeitwerk (~> 2.5)
+      zeitwerk (~> 2.6)
    rake (13.0.6)
    regexp_parser (2.8.1)
    reline (0.3.7)
      io-console (~> 0.5)
    rexml (3.2.6)
    ruby2_keywords (0.0.5)
    rubyzip (2.3.2)
    selenium-webdriver (4.11.0)
      rexml (~> 3.2, >= 3.2.5)
@ -217,6 +237,7 @@ GEM
      activemodel (>= 6.0.0)
      bindex (>= 0.4.0)
      railties (>= 6.0.0)
    webrick (1.8.1)
    websocket (1.2.9)
    websocket-driver (0.7.6)
      websocket-extensions (>= 0.1.0)
@ -239,7 +260,7 @@ DEPENDENCIES
  kamal
  pg
  puma
-  rails (~> 7.0)
+  rails (~> 7.1.0.rc1)
  selenium-webdriver
  sprockets-rails
  stimulus-rails
--- a/bin/setup
+++ b/bin/setup
@ -5,14 +5,23 @@ require "fileutils"
 APP_ROOT = File.expand_path("..", __dir__)
 def system!(*args)
-  system(*args) || abort("\n== Command #{args} failed ==")
+  system(*args, exception: true)
 end
 FileUtils.chdir APP_ROOT do
  # This script is a way to set up or update your development environment automatically.
  # This script is idempotent, so that you can run it at any time and get an expectable outcome.
  # Add necessary setup steps to this file.
  puts "== Installing dependencies =="
  system! "gem install bundler --conservative"
  system("bundle check") || system!("bundle install")
  # puts "\n== Copying sample files =="
  # unless File.exist?("config/database.yml")
  #   FileUtils.cp "config/database.yml.sample", "config/database.yml"
  # end
  puts "\n== Preparing database =="
  system! "bin/rails db:prepare"
--- a/config/application.rb
+++ b/config/application.rb
@ -9,9 +9,10 @@ Bundler.require(*Rails.groups)
 module Soc
  class Application < Rails::Application
-    config.load_defaults 7.0
+    config.load_defaults 7.1
    config.time_zone = "London"
    config.autoload_lib(ignore: %w(assets tasks))
    config.action_view.field_error_proc = proc do |html_tag, _instance|
      html_tag.gsub(/<(\w*) /, '<\1 class="field_with_errors"').html_safe
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@ -50,4 +50,5 @@ Rails.application.configure do
    address: "localhost",
    port: 1025,
  }
  config.action_controller.raise_on_missing_callback_actions = true
 end
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@ -47,6 +47,7 @@ Rails.application.configure do
  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
  config.force_ssl = false
  config.assume_ssl = true
  # Include generic and useful information about system operation, but avoid logging too much
  # information to avoid inadvertent exposure of personally identifiable information (PII).
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@ -16,9 +16,9 @@
 #     # policy.report_uri "/csp-violation-report-endpoint"
 #   end
 #
-#   # Generate session nonces for permitted importmap and inline scripts
+#   # Generate session nonces for permitted importmap, inline scripts, and inline styles.
 #   config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
-#   config.content_security_policy_nonce_directives = %w(script-src)
+#   config.content_security_policy_nonce_directives = %w(script-src style-src)
 #
 #   # Report violations without enforcing the policy.
 #   # config.content_security_policy_report_only = true
--- a/config/initializers/filter_parameter_logging.rb
+++ b/config/initializers/filter_parameter_logging.rb
@ -1,8 +1,8 @@
 # Be sure to restart your server when you modify this file.
-# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# Configure parameters to be partially matched (e.g. passw matches password) and filtered from the log file. 
-# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# Use this to limit dissemination of sensitive information. 
-# notations and behaviors.
+# See the ActiveSupport::ParameterFilter documentation for supported notations and behaviors.
 Rails.application.config.filter_parameters += [
  :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
 ]
--- a/config/initializers/new_framework_defaults_7_1.rb
+++ b/config/initializers/new_framework_defaults_7_1.rb
@ -0,0 +1,223 @@
 # Be sure to restart your server when you modify this file.
 #
 # This file eases your Rails 7.1 framework defaults upgrade.
 #
 # Uncomment each configuration one by one to switch to the new default.
 # Once your application is ready to run with all new defaults, you can remove
 # this file and set the `config.load_defaults` to `7.1`.
 #
 # Read the Guide for Upgrading Ruby on Rails for more info on each option.
 # https://guides.rubyonrails.org/upgrading_ruby_on_rails.html
 # No longer add autoloaded paths into `$LOAD_PATH`. This means that you won't be able
 # to manually require files that are managed by the autoloader, which you shouldn't do anyway.
 # This will reduce the size of the load path, making `require` faster if you don't use bootsnap, or reduce the size
 # of the bootsnap cache if you use it.
 # Rails.application.config.add_autoload_paths_to_load_path = false
 # Remove the default X-Download-Options headers since it is used only by Internet Explorer.
 # If you need to support Internet Explorer, add back `"X-Download-Options" => "noopen"`.
 # Rails.application.config.action_dispatch.default_headers = {
 #   "X-Frame-Options" => "SAMEORIGIN",
 #   "X-XSS-Protection" => "0",
 #   "X-Content-Type-Options" => "nosniff",
 #   "X-Permitted-Cross-Domain-Policies" => "none",
 #   "Referrer-Policy" => "strict-origin-when-cross-origin"
 # }
 # Do not treat an `ActionController::Parameters` instance
 # as equal to an equivalent `Hash` by default.
 # Rails.application.config.action_controller.allow_deprecated_parameters_hash_equality = false
 # Active Record Encryption now uses SHA-256 as its hash digest algorithm. Important: If you have
 # data encrypted with previous Rails versions, there are two scenarios to consider:
 #
 # 1. If you have +config.active_support.key_generator_hash_digest_class+ configured as SHA1 (the default
 # before Rails 7.0), you need to configure SHA-1 for Active Record Encryption too:
 # Rails.application.config.active_record.encryption.hash_digest_class = OpenSSL::Digest::SHA1
 # 2. If you have +config.active_support.key_generator_hash_digest_class+ configured as SHA256 (the new default
 # in 7.0), then you need to configure SHA-256 for Active Record Encryption:
 # Rails.application.config.active_record.encryption.hash_digest_class = OpenSSL::Digest::SHA256
 #
 # If you don't currently have data encrypted with Active Record encryption, you can disable this setting to
 # configure the default behavior starting 7.1+:
 # Rails.application.config.active_record.encryption.support_sha1_for_non_deterministic_encryption = false
 # No longer run after_commit callbacks on the first of multiple Active Record
 # instances to save changes to the same database row within a transaction.
 # Instead, run these callbacks on the instance most likely to have internal
 # state which matches what was committed to the database, typically the last
 # instance to save.
 # Rails.application.config.active_record.run_commit_callbacks_on_first_saved_instances_in_transaction = false
 # Configures SQLite with a strict strings mode, which disables double-quoted string literals.
 #
 # SQLite has some quirks around double-quoted string literals.
 # It first tries to consider double-quoted strings as identifier names, but if they don't exist
 # it then considers them as string literals. Because of this, typos can silently go unnoticed.
 # For example, it is possible to create an index for a non existing column.
 # See https://www.sqlite.org/quirks.html#double_quoted_string_literals_are_accepted for more details.
 # Rails.application.config.active_record.sqlite3_adapter_strict_strings_by_default = true
 # Disable deprecated singular associations names
 # Rails.application.config.active_record.allow_deprecated_singular_associations_name = false
 # Enable the Active Job `BigDecimal` argument serializer, which guarantees
 # roundtripping. Without this serializer, some queue adapters may serialize
 # `BigDecimal` arguments as simple (non-roundtrippable) strings.
 #
 # When deploying an application with multiple replicas, old (pre-Rails 7.1)
 # replicas will not be able to deserialize `BigDecimal` arguments from this
 # serializer. Therefore, this setting should only be enabled after all replicas
 # have been successfully upgraded to Rails 7.1.
 # Rails.application.config.active_job.use_big_decimal_serializer = true
 # Specify if an `ArgumentError` should be raised if `Rails.cache` `fetch` or
 # `write` are given an invalid `expires_at` or `expires_in` time.
 # Options are `true`, and `false`. If `false`, the exception will be reported
 # as `handled` and logged instead.
 # Rails.application.config.active_support.raise_on_invalid_cache_expiration_time = true
 # Specify whether Query Logs will format tags using the SQLCommenter format
 # (https://open-telemetry.github.io/opentelemetry-sqlcommenter/), or using the legacy format.
 # Options are `:legacy` and `:sqlcommenter`.
 # Rails.application.config.active_record.query_log_tags_format = :sqlcommenter
 # Specify the default serializer used by `MessageEncryptor` and `MessageVerifier`
 # instances.
 #
 # The legacy default is `:marshal`, which is a potential vector for
 # deserialization attacks in cases where a message signing secret has been
 # leaked.
 #
 # In Rails 7.1, the new default is `:json_allow_marshal` which serializes and
 # deserializes with `ActiveSupport::JSON`, but can fall back to deserializing
 # with `Marshal` so that legacy messages can still be read.
 #
 # In Rails 7.2, the default will become `:json` which serializes and
 # deserializes with `ActiveSupport::JSON` only.
 #
 # Alternatively, you can choose `:message_pack` or `:message_pack_allow_marshal`,
 # which serialize with `ActiveSupport::MessagePack`. `ActiveSupport::MessagePack`
 # can roundtrip some Ruby types that are not supported by JSON, and may provide
 # improved performance, but it requires the `msgpack` gem.
 #
 # For more information, see
 # https://guides.rubyonrails.org/v7.1/configuring.html#config-active-support-message-serializer
 #
 # If you are performing a rolling deploy of a Rails 7.1 upgrade, wherein servers
 # that have not yet been upgraded must be able to read messages from upgraded
 # servers, first deploy without changing the serializer, then set the serializer
 # in a subsequent deploy.
 # Rails.application.config.active_support.message_serializer = :json_allow_marshal
 # Enable a performance optimization that serializes message data and metadata
 # together. This changes the message format, so messages serialized this way
 # cannot be read by older versions of Rails. However, messages that use the old
 # format can still be read, regardless of whether this optimization is enabled.
 #
 # To perform a rolling deploy of a Rails 7.1 upgrade, wherein servers that have
 # not yet been upgraded must be able to read messages from upgraded servers,
 # leave this optimization off on the first deploy, then enable it on a
 # subsequent deploy.
 # Rails.application.config.active_support.use_message_serializer_for_metadata = true
 # Set the maximum size for Rails log files.
 #
 # `config.load_defaults 7.1` does not set this value for environments other than
 # development and test.
 #
 # if Rails.env.local?
 #   Rails.application.config.log_file_size = 100 * 1024 * 1024
 # end
 # Enable raising on assignment to attr_readonly attributes. The previous
 # behavior would allow assignment but silently not persist changes to the
 # database.
 # Rails.application.config.active_record.raise_on_assign_to_attr_readonly = true
 # Enable validating only parent-related columns for presence when the parent is mandatory.
 # The previous behavior was to validate the presence of the parent record, which performed an extra query
 # to get the parent every time the child record was updated, even when parent has not changed.
 # Rails.application.config.active_record.belongs_to_required_validates_foreign_key = false
 # Enable precompilation of `config.filter_parameters`. Precompilation can
 # improve filtering performance, depending on the quantity and types of filters.
 # Rails.application.config.precompile_filter_parameters = true
 # Enable before_committed! callbacks on all enrolled records in a transaction.
 # The previous behavior was to only run the callbacks on the first copy of a record
 # if there were multiple copies of the same record enrolled in the transaction.
 # Rails.application.config.active_record.before_committed_on_all_records = true
 # Disable automatic column serialization into YAML.
 # To keep the historic behavior, you can set it to `YAML`, however it is
 # recommended to explicitly define the serialization method for each column
 # rather than to rely on a global default.
 # Rails.application.config.active_record.default_column_serializer = nil
 # Enable a performance optimization that serializes Active Record models
 # in a faster and more compact way.
 #
 # To perform a rolling deploy of a Rails 7.1 upgrade, wherein servers that have
 # not yet been upgraded must be able to read caches from upgraded servers,
 # leave this optimization off on the first deploy, then enable it on a
 # subsequent deploy.
 # Rails.application.config.active_record.marshalling_format_version = 7.1
 # Run `after_commit` and `after_*_commit` callbacks in the order they are defined in a model.
 # This matches the behaviour of all other callbacks.
 # In previous versions of Rails, they ran in the inverse order.
 # Rails.application.config.active_record.run_after_transaction_callbacks_in_order_defined = true
 # Whether a `transaction` block is committed or rolled back when exited via `return`, `break` or `throw`.
 #
 # Rails.application.config.active_record.commit_transaction_on_non_local_return = true
 # Controls when to generate a value for <tt>has_secure_token</tt> declarations.
 #
 # Rails.application.config.active_record.generate_secure_token_on = :initialize
 # ** Please read carefully, this must be configured in config/application.rb **
 # Change the format of the cache entry.
 # Changing this default means that all new cache entries added to the cache
 # will have a different format that is not supported by Rails 7.0
 # applications.
 # Only change this value after your application is fully deployed to Rails 7.1
 # and you have no plans to rollback.
 # When you're ready to change format, add this to `config/application.rb` (NOT
 # this file):
 #   config.active_support.cache_format_version = 7.1
 # Configure Action View to use HTML5 standards-compliant sanitizers when they are supported on your
 # platform.
 #
 # `Rails::HTML::Sanitizer.best_supported_vendor` will cause Action View to use HTML5-compliant
 # sanitizers if they are supported, else fall back to HTML4 sanitizers.
 #
 # In previous versions of Rails, Action View always used `Rails::HTML4::Sanitizer` as its vendor.
 #
 # Rails.application.config.action_view.sanitizer_vendor = Rails::HTML::Sanitizer.best_supported_vendor
 # Configure Action Text to use an HTML5 standards-compliant sanitizer when it is supported on your
 # platform.
 #
 # `Rails::HTML::Sanitizer.best_supported_vendor` will cause Action Text to use HTML5-compliant
 # sanitizers if they are supported, else fall back to HTML4 sanitizers.
 #
 # In previous versions of Rails, Action Text always used `Rails::HTML4::Sanitizer` as its vendor.
 #
 # Rails.application.config.action_text.sanitizer_vendor = Rails::HTML::Sanitizer.best_supported_vendor
 # Configure the log level used by the DebugExceptions middleware when logging
 # uncaught exceptions during requests
 # Rails.application.config.action_dispatch.debug_exception_log_level = :error
 # Configure the test helpers in Action View, Action Dispatch, and rails-dom-testing to use HTML5
 # parsers.
 #
 # Nokogiri::HTML5 isn't supported on JRuby, so JRuby applications must set this to :html4.
 #
 # In previous versions of Rails, these test helpers always used an HTML4 parser.
 #
 # Rails.application.config.dom_testing_default_html_version = :html5
--- a/config/initializers/permissions_policy.rb
+++ b/config/initializers/permissions_policy.rb
@ -1,11 +1,13 @@
 # Be sure to restart your server when you modify this file.
 # Define an application-wide HTTP permissions policy. For further
-# information see https://developers.google.com/web/updates/2018/06/feature-policy
+# information see: https://developers.google.com/web/updates/2018/06/feature-policy
-#
+
-# Rails.application.config.permissions_policy do |f|
+# Rails.application.config.permissions_policy do |policy|
-#   f.camera      :none
+#   policy.camera      :none
-#   f.gyroscope   :none
+#   policy.gyroscope   :none
-#   f.microphone  :none
+#   policy.microphone  :none
-#   f.usb         :none
+#   policy.usb         :none
-#   f.fullscreen  :self
+#   policy.fullscreen  :self
-#   f.payment     :self, "https://secure.example.com"
+#   policy.payment     :self, "https://secure.example.com"
 # end
--- a/db/migrate/20230929145224_add_service_name_to_active_storage_blobs.active_storage.rb
+++ b/db/migrate/20230929145224_add_service_name_to_active_storage_blobs.active_storage.rb
@ -0,0 +1,22 @@
 # This migration comes from active_storage (originally 20190112182829)
 class AddServiceNameToActiveStorageBlobs < ActiveRecord::Migration[6.0]
  def up
    return unless table_exists?(:active_storage_blobs)
    unless column_exists?(:active_storage_blobs, :service_name)
      add_column :active_storage_blobs, :service_name, :string
      if configured_service = ActiveStorage::Blob.service.name
        ActiveStorage::Blob.unscoped.update_all(service_name: configured_service)
      end
      change_column :active_storage_blobs, :service_name, :string, null: false
    end
  end
  def down
    return unless table_exists?(:active_storage_blobs)
    remove_column :active_storage_blobs, :service_name
  end
 end
--- a/db/migrate/20230929145225_create_active_storage_variant_records.active_storage.rb
+++ b/db/migrate/20230929145225_create_active_storage_variant_records.active_storage.rb
@ -0,0 +1,27 @@
 # This migration comes from active_storage (originally 20191206030411)
 class CreateActiveStorageVariantRecords < ActiveRecord::Migration[6.0]
  def change
    return unless table_exists?(:active_storage_blobs)
    # Use Active Record's configured type for primary key
    create_table :active_storage_variant_records, id: primary_key_type, if_not_exists: true do |t|
      t.belongs_to :blob, null: false, index: false, type: blobs_primary_key_type
      t.string :variation_digest, null: false
      t.index %i[ blob_id variation_digest ], name: "index_active_storage_variant_records_uniqueness", unique: true
      t.foreign_key :active_storage_blobs, column: :blob_id
    end
  end
  private
    def primary_key_type
      config = Rails.configuration.generators
      config.options[config.orm][:primary_key_type] || :primary_key
    end
    def blobs_primary_key_type
      pkey_name = connection.primary_key(:active_storage_blobs)
      pkey_column = connection.columns(:active_storage_blobs).find { |c| c.name == pkey_name }
      pkey_column.bigint? ? :bigint : pkey_column.type
    end
 end
--- a/db/migrate/20230929145226_remove_not_null_on_active_storage_blobs_checksum.active_storage.rb
+++ b/db/migrate/20230929145226_remove_not_null_on_active_storage_blobs_checksum.active_storage.rb
@ -0,0 +1,8 @@
 # This migration comes from active_storage (originally 20211119233751)
 class RemoveNotNullOnActiveStorageBlobsChecksum < ActiveRecord::Migration[6.0]
  def change
    return unless table_exists?(:active_storage_blobs)
    change_column_null(:active_storage_blobs, :checksum, true)
  end
 end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema[7.0].define(version: 2023_09_17_114037) do
+ActiveRecord::Schema[7.1].define(version: 2023_09_29_145226) do
  # These are extensions that must be enabled in order to support this database
  enable_extension "plpgsql"