A long-running `rails console --sandbox` could cause a database server
to become out-of-memory as it's holding on to changes that happen on the
database.
Given that it's common for Ruby on Rails applications with huge
traffic to have separate write database and read database, we should
allow the developers to disable this sandbox option to prevent someone
from accidentally causing the Denial-of-Service on their server.
Since `secret_key_base` is expected to be included in the credential file,
`secret_key_base` should be included even if the file is re-created. This is
the same behavior as creating a new app.
When env is specified, it may be unnecessary, so I added it only when not
specifying env.
This is kind of hard to explain but if you have a database config with
another level like this:
```
development:
  primary:
    database: "my db"
    variables:
      statement_timeout: 1000
```
the database configurations code would choke on the `variables` level
because it didn't know what to do with it.
We'd see the following error:
```
lib/active_record/database_configurations.rb:72:in
`block in find_db_config': undefined method `env_name' for [nil]:Array
(NoMethodError)
```
The problem here is that Rails does correctly identify this as not a
real configuration but returns `[nil]` along with the others. We need to
make sure to flatten the array and remove all the `nil`'s before
returning the `configurations` objects.
Fixes #35646
Since 3777701f13, the environment's name is
automatically expanded in console and dbconsole commands.
In order to match the behavior between the commands, fixes it to have the
same behavior of all the commands.
This behavior is defined in `EnvironmentArgument`. Since
`EnvironmentArgument` also defines the environment option, it is reused.
However, since desc was not content that can be used in all comments,
fixed desc to be defined for each command.
The tmp directory is added to version control in the newly created
application. This was added in Rails 5.0.0 (f06ce4c12a).
However, applications created before that are not guaranteed to have the
tmp directory. If the tmp directory does not exist, writing to the key file
raises an error.
This is a bit incompatible. So I fixed it to create the directory before
writing a key.
This was missed in the security fix for local dev. CI doesn't have a tmp
directory in the apps built for testing so these end up failing. This
adds the secret_key_base so we don't need to generate one.
This adds a few additional tests to the commits by eileencodes (https://github.com/rails/rails/pull/35497) and rafaelfranca (cfa22f1a4b). The additional tests cover several more ERB tag formatting cases such as multiline tags, conditional statements that result in duplicate keys, and multiple erb statements on a single line.
This streamlines the lovely foundation Bogdan added. Mainly to add
guidance around encryption keys and remove some backticks.
Finally it adds some mention of how to access these files from Ruby
in apps.
[ Kasper Timm Hansen & bogdanvlviv ]
Sample example ->
Before:
```
prathamesh@Prathameshs-MacBook-Pro-2 blog *$ rails server thin
DEPRECATION WARNING: Passing the Rack server name as a regular argument is deprecated
and will be removed in the next Rails version. Please, use the -u
option instead.
```
After:
```
prathamesh@Prathameshs-MacBook-Pro-2 squish_app *$ rails server thin
DEPRECATION WARNING: Passing the Rack server name as a regular argument is deprecated and will be removed in the next Rails version. Please, use the -u option instead.
```
If the secret_key_base is nil in dev or test, generate a key from random
bytes and store it in a tmp file. This prevents the app developers from
having to share / check in the secret key for dev / test but also
maintains a key between app restarts in dev/test.
[CVE-2019-5420]
Co-Authored-By: eileencodes <eileencodes@gmail.com>
Co-Authored-By: John Hawthorn <john@hawthorn.email>
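
The behaviour described in the commit messages above (generate a dev/test key from random bytes, keep it in a tmp file across restarts, and create the tmp directory before writing), shown as an added example that is not Rails' own code. The helper name `local_secret_key_base`, the key file name, and the 0600 file mode are assumptions made for this illustration.

```ruby
require "securerandom"
require "fileutils"
require "tmpdir"

# Environments where an auto-generated key is acceptable (assumption for this example).
LOCAL_ENVS = %w[development test].freeze

# Hypothetical helper: return the configured secret if there is one; otherwise,
# in dev/test only, load or create a random key persisted under <app_root>/tmp.
def local_secret_key_base(env:, configured:, app_root:)
  return configured if configured && !configured.empty?

  unless LOCAL_ENVS.include?(env)
    # Never fall back to a generated key outside local environments.
    raise ArgumentError, "secret_key_base must be configured explicitly in #{env}"
  end

  key_file = File.join(app_root, "tmp", "#{env}_secret.txt") # assumed file name

  # Reuse the stored key so sessions survive an app restart.
  return File.binread(key_file).strip if File.exist?(key_file)

  # Older applications may not have a tmp directory; create it before writing.
  FileUtils.mkdir_p(File.dirname(key_file))

  key = SecureRandom.hex(64) # 64 random bytes, hex-encoded (128 characters)

  # EXCL refuses to overwrite an existing file; 0600 keeps the key owner-only.
  File.open(key_file, File::WRONLY | File::CREAT | File::EXCL, 0o600) do |f|
    f.write(key)
  end
  key
end

if __FILE__ == $PROGRAM_NAME
  # Constructed demo: an app root with no tmp directory yet.
  Dir.mktmpdir do |root|
    first  = local_secret_key_base(env: "development", configured: nil, app_root: root)
    second = local_secret_key_base(env: "development", configured: nil, app_root: root)
    puts "key persisted across calls: #{first == second}"
  end
end
```
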