Merge pull request #1920 from denny/upgrade/rails-7.0-ruby-3.2

Ruby 3.2, Rails 7.0, etc

Author: denny

.circleci/config.yml

@@ -12,7 +12,7 @@ version: 2
 
 references:
   app: &app
-    image: cimg/ruby:3.1.6-node
+    image: cimg/ruby:3.2.7-node
     environment:
       BUNDLE_JOBS: 3
       BUNDLE_RETRY: 3

.ruby-version

@@ -1 +1 @@
-3.1.6
+3.2.7

Gemfile

@@ -13,8 +13,8 @@ ruby "~> #{helper.ruby_version}"  # get version from .ruby-version file (DRY)
 
 source 'https://rubygems.org'
 source 'https://rubygems.org' do
-  # Rails 6.1
-  gem 'rails', '~> 6.1.7'
+  # Rails 7.0
+  gem 'rails', '~> 7.0.8'
 
   # Load ENV from .env(.*) files
   gem 'dotenv-rails', require: 'dotenv/load'

Gemfile.lock

@@ -8,7 +8,7 @@ PATH
       pagy (>= 5.10, < 8.0)
       pg (>= 1.2.3, < 1.6.0)
       pundit
-      rails (>= 6.1.2.1, < 7)
+      rails (>= 7.0.8.7, < 7.1)
 
 PATH
   remote: plugins/ShinyBlog
@@ -21,7 +21,7 @@ PATH
       pagy (>= 5.10, < 8.0)
       pg (>= 1.2.3, < 1.6.0)
       pundit
-      rails (>= 6.1.2.1, < 7)
+      rails (>= 7.0.8.7, < 7.1)
 
 PATH
   remote: plugins/ShinyCMS
@@ -53,7 +53,7 @@ PATH
       pg (>= 1.2.3, < 1.6.0)
       pry-rails
       pundit
-      rails (>= 6.1.2.1, < 7)
+      rails (>= 7.0.8.7, < 7.1)
       rails-i18n
       recaptcha
       rss
@@ -76,7 +76,7 @@ PATH
       pagy (>= 5.10, < 8.0)
       pg (>= 1.2.3, < 1.6.0)
       pundit
-      rails (>= 6.1.2.1, < 7)
+      rails (>= 7.0.8.7, < 7.1)
 
 PATH
   remote: plugins/ShinyInserts
@@ -88,7 +88,7 @@ PATH
       pagy (>= 5.10, < 8.0)
       pg (>= 1.2.3, < 1.6.0)
       pundit
-      rails (>= 6.1.2.1, < 7)
+      rails (>= 7.0.8.7, < 7.1)
 
 PATH
   remote: plugins/ShinyLists
@@ -99,7 +99,7 @@ PATH
       pagy (>= 5.10, < 8.0)
       pg (>= 1.2.3, < 1.6.0)
       pundit
-      rails (>= 6.1.2.1, < 7)
+      rails (>= 7.0.8.7, < 7.1)
 
 PATH
   remote: plugins/ShinyNews
@@ -112,7 +112,7 @@ PATH
       pagy (>= 5.10, < 8.0)
       pg (>= 1.2.3, < 1.6.0)
       pundit
-      rails (>= 6.1.2.1, < 7)
+      rails (>= 7.0.8.7, < 7.1)
 
 PATH
   remote: plugins/ShinyNewsletters
@@ -124,7 +124,7 @@ PATH
       pagy (>= 5.10, < 8.0)
       pg (>= 1.2.3, < 1.6.0)
       pundit
-      rails (>= 6.1.2.1, < 7)
+      rails (>= 7.0.8.7, < 7.1)
 
 PATH
   remote: plugins/ShinyPages
@@ -136,7 +136,7 @@ PATH
       pagy (>= 5.10, < 8.0)
       pg (>= 1.2.3, < 1.6.0)
       pundit
-      rails (>= 6.1.2.1, < 7)
+      rails (>= 7.0.8.7, < 7.1)
 
 PATH
   remote: plugins/ShinyProfiles
@@ -147,14 +147,14 @@ PATH
       pagy (>= 5.10, < 8.0)
       pg (>= 1.2.3, < 1.6.0)
       pundit
-      rails (>= 6.1.2.1, < 7)
+      rails (>= 7.0.8.7, < 7.1)
 
 PATH
   remote: plugins/ShinySEO
   specs:
     shiny_seo (21.06)
       pg (>= 0.18, < 2.0)
-      rails (~> 6.1.2, >= 6.1.2.1)
+      rails (>= 7.0.8.7, < 7.1)
       sitemap_generator
 
 PATH
@@ -170,7 +170,7 @@ PATH
       pg (>= 1.2.3, < 1.6.0)
       pg_search
       pundit
-      rails (>= 6.1.2.1, < 7)
+      rails (>= 7.0.8.7, < 7.1)
 
 GEM
   remote: https://oss:TavsFP4Rxs7vhBGX0Li5ksWM53EcWLyd@gem.mutant.dev/
@@ -180,72 +180,78 @@ GEM
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (6.1.7.10)
-      actionpack (= 6.1.7.10)
-      activesupport (= 6.1.7.10)
+    actioncable (7.0.8.7)
+      actionpack (= 7.0.8.7)
+      activesupport (= 7.0.8.7)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (6.1.7.10)
-      actionpack (= 6.1.7.10)
-      activejob (= 6.1.7.10)
-      activerecord (= 6.1.7.10)
-      activestorage (= 6.1.7.10)
-      activesupport (= 6.1.7.10)
+    actionmailbox (7.0.8.7)
+      actionpack (= 7.0.8.7)
+      activejob (= 7.0.8.7)
+      activerecord (= 7.0.8.7)
+      activestorage (= 7.0.8.7)
+      activesupport (= 7.0.8.7)
       mail (>= 2.7.1)
-    actionmailer (6.1.7.10)
-      actionpack (= 6.1.7.10)
-      actionview (= 6.1.7.10)
-      activejob (= 6.1.7.10)
-      activesupport (= 6.1.7.10)
+      net-imap
+      net-pop
+      net-smtp
+    actionmailer (7.0.8.7)
+      actionpack (= 7.0.8.7)
+      actionview (= 7.0.8.7)
+      activejob (= 7.0.8.7)
+      activesupport (= 7.0.8.7)
       mail (~> 2.5, >= 2.5.4)
+      net-imap
+      net-pop
+      net-smtp
       rails-dom-testing (~> 2.0)
-    actionpack (6.1.7.10)
-      actionview (= 6.1.7.10)
-      activesupport (= 6.1.7.10)
-      rack (~> 2.0, >= 2.0.9)
+    actionpack (7.0.8.7)
+      actionview (= 7.0.8.7)
+      activesupport (= 7.0.8.7)
+      rack (~> 2.0, >= 2.2.4)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (6.1.7.10)
-      actionpack (= 6.1.7.10)
-      activerecord (= 6.1.7.10)
-      activestorage (= 6.1.7.10)
-      activesupport (= 6.1.7.10)
+    actiontext (7.0.8.7)
+      actionpack (= 7.0.8.7)
+      activerecord (= 7.0.8.7)
+      activestorage (= 7.0.8.7)
+      activesupport (= 7.0.8.7)
+      globalid (>= 0.6.0)
       nokogiri (>= 1.8.5)
-    actionview (6.1.7.10)
-      activesupport (= 6.1.7.10)
+    actionview (7.0.8.7)
+      activesupport (= 7.0.8.7)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (6.1.7.10)
-      activesupport (= 6.1.7.10)
+    activejob (7.0.8.7)
+      activesupport (= 7.0.8.7)
       globalid (>= 0.3.6)
-    activemodel (6.1.7.10)
-      activesupport (= 6.1.7.10)
-    activerecord (6.1.7.10)
-      activemodel (= 6.1.7.10)
-      activesupport (= 6.1.7.10)
+    activemodel (7.0.8.7)
+      activesupport (= 7.0.8.7)
+    activerecord (7.0.8.7)
+      activemodel (= 7.0.8.7)
+      activesupport (= 7.0.8.7)
     activerecord-session_store (2.1.0)
       actionpack (>= 6.1)
       activerecord (>= 6.1)
       cgi (>= 0.3.6)
       multi_json (~> 1.11, >= 1.11.2)
       rack (>= 2.0.8, < 4)
       railties (>= 6.1)
-    activestorage (6.1.7.10)
-      actionpack (= 6.1.7.10)
-      activejob (= 6.1.7.10)
-      activerecord (= 6.1.7.10)
-      activesupport (= 6.1.7.10)
+    activestorage (7.0.8.7)
+      actionpack (= 7.0.8.7)
+      activejob (= 7.0.8.7)
+      activerecord (= 7.0.8.7)
+      activesupport (= 7.0.8.7)
       marcel (~> 1.0)
       mini_mime (>= 1.1.0)
-    activesupport (6.1.7.10)
+    activesupport (7.0.8.7)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
       tzinfo (~> 2.0)
-      zeitwerk (~> 2.3)
     acts-as-taggable-on (10.0.0)
       activerecord (>= 6.1, < 7.2)
     acts_as_list (1.2.4)
@@ -573,21 +579,20 @@ GEM
     rack (2.2.11)
     rack-test (2.2.0)
       rack (>= 1.3)
-    rails (6.1.7.10)
-      actioncable (= 6.1.7.10)
-      actionmailbox (= 6.1.7.10)
-      actionmailer (= 6.1.7.10)
-      actionpack (= 6.1.7.10)
-      actiontext (= 6.1.7.10)
-      actionview (= 6.1.7.10)
-      activejob (= 6.1.7.10)
-      activemodel (= 6.1.7.10)
-      activerecord (= 6.1.7.10)
-      activestorage (= 6.1.7.10)
-      activesupport (= 6.1.7.10)
+    rails (7.0.8.7)
+      actioncable (= 7.0.8.7)
+      actionmailbox (= 7.0.8.7)
+      actionmailer (= 7.0.8.7)
+      actionpack (= 7.0.8.7)
+      actiontext (= 7.0.8.7)
+      actionview (= 7.0.8.7)
+      activejob (= 7.0.8.7)
+      activemodel (= 7.0.8.7)
+      activerecord (= 7.0.8.7)
+      activestorage (= 7.0.8.7)
+      activesupport (= 7.0.8.7)
       bundler (>= 1.15.0)
-      railties (= 6.1.7.10)
-      sprockets-rails (>= 2.0.0)
+      railties (= 7.0.8.7)
     rails-dom-testing (2.2.0)
       activesupport (>= 5.0.0)
       minitest
@@ -606,12 +611,13 @@ GEM
       request_store
       sassc-rails (>= 2.0.0)
       turbolinks
-    railties (6.1.7.10)
-      actionpack (= 6.1.7.10)
-      activesupport (= 6.1.7.10)
+    railties (7.0.8.7)
+      actionpack (= 7.0.8.7)
+      activesupport (= 7.0.8.7)
       method_source
       rake (>= 12.2)
       thor (~> 1.0)
+      zeitwerk (~> 2.5)
     rainbow (3.1.1)
     rake (13.2.1)
     rb-fsevent (0.11.2)
@@ -845,7 +851,7 @@ DEPENDENCIES
   pg (~> 1.5.9)!
   puma (~> 6.6)!
   rack (>= 2.2.11)!
-  rails (~> 6.1.7)!
+  rails (~> 7.0.8)!
   rails-pg-extras!
   rails_email_preview!
   rspec-instafail!
@@ -877,7 +883,7 @@ DEPENDENCIES
   webmock!
 
 RUBY VERSION
-   ruby 3.1.6p260
+   ruby 3.2.7p253
 
 BUNDLED WITH
    2.5.23

README.md

@@ -6,7 +6,7 @@ ShinyCMS is primarily intended for use by professional web developers, as a plat
 
 Web developers can also add custom functionality by writing their own plugins. A number of helpers and concerns are provided to help you build new features quickly, and with a consistent look-and-feel to the rest of the system.
 
-The current version of ShinyCMS runs on Ruby 3.0 and Rails 6.1
+The current version of ShinyCMS runs on Ruby 3.2 and Rails 7.0
 
 ## Features
 
@@ -100,7 +100,7 @@ All other supported [external services](docs/Services.md) are optional. If you a
 
 ### Ruby and Rails versions
 
-ShinyCMS requires Rails 6.1 and Ruby 2.7 or later. The project generally uses the most recent stable release of both Ruby and Rails (currently Ruby 3.0.1 and Rails 6.1.3).
+ShinyCMS requires Rails 7.0 and Ruby 3.2 or later. The project generally uses the most recent stable release of both Ruby and Rails (currently Ruby 3.2.7 and Rails 7.0.8.7).
 
 
 ## Contributing

config/application.rb

@@ -33,12 +33,15 @@ module ShinyHostApp
   # Rails application class for the ShinyHostApp
   class Application < Rails::Application
     # Initialize configuration defaults for originally generated Rails version.
-    config.load_defaults 6.1
+    config.load_defaults 7.0
 
     # Configuration for the application, engines, and railties goes here.
     #
     # These settings can be overridden in specific environments using the files
     # in config/environments, which are processed later.
+    #
+    # config.time_zone = "Central Time (US & Canada)"
+    # config.eager_load_paths << Rails.root.join("extras")
 
     # Don't generate system test files.
     config.generators.system_tests = nil

config/initializers/assets.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+# Be sure to restart your server when you modify this file.
+
+# Version of your assets, change this if you want to expire all your assets.
+Rails.application.config.assets.version = '1.0'
+
+# Add additional assets to the asset load path.
+# Rails.application.config.assets.paths << Emoji.images_path
+
+# Precompile additional assets.
+# application.js, application.css, and all non-JS/CSS in the app/assets
+# folder are already added.
+# Rails.application.config.assets.precompile += %w( admin.js admin.css )

config/initializers/content_security_policy.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+# Be sure to restart your server when you modify this file.
+
+# Define an application-wide content security policy.
+# See the Securing Rails Applications Guide for more information:
+# https://guides.rubyonrails.org/security.html#content-security-policy-header
+
+# Rails.application.configure do
+#   config.content_security_policy do |policy|
+#     policy.default_src :self, :https
+#     policy.font_src    :self, :https, :data
+#     policy.img_src     :self, :https, :data
+#     policy.object_src  :none
+#     policy.script_src  :self, :https
+#     policy.style_src   :self, :https
+#     # Specify URI for violation reports
+#     # policy.report_uri "/csp-violation-report-endpoint"
+#   end
+#
+#   # Generate session nonces for permitted importmap and inline scripts
+#   config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
+#   config.content_security_policy_nonce_directives = %w(script-src)
+#
+#   # Report violations without enforcing the policy.
+#   # config.content_security_policy_report_only = true
+# end