Since Puma 5.0 (puma/puma@05936689c8),
Puma will automatically set `workers` to `ENV["WEB_CONCURRENCY"] || 0`.
Additionally, if `ENV["WEB_CONCURRENCY"]` > 1, Puma will automatically
set `preload_app`.
This can lead to confusing scenarios for users who are unaware of this
behavior and have customized `config/puma.rb`. For example, if a user
uncomments the `workers` and `preload_app!` directives, it is clear that
Puma will preload the app, and the number of workers can be configured
by setting `ENV["WEB_CONCURRENCY"]`. If the user sets
`ENV["WEB_CONCURRENCY"]` > 1, but then changes their mind and removes
the `workers` or `preload_app!` directives *without* clearing
`ENV["WEB_CONCURRENCY"]`, Puma will still preload the app and launch
`ENV["WEB_CONCURRENCY"]` number of workers. Similarly, if a user
uncomments *only* the `workers` directive and sets
`ENV["WEB_CONCURRENCY"]` > 1, Puma will preload the app even though the
`preload_app!` directive is still commented out.
To avoid such scenarios, this commit removes the commented-out `workers`
and `preload_app!` directives from the default `config/puma.rb`.
Also, to improve discoverability of available configuration options,
this commit adds a link to the Puma DSL documentation at the top of the
file.
I was auditing which routes in my app do not actually a
have corresponding controller action. ActionMailbox's
inbound_mails has these 4 routes defined, which do not
actually work.
GET /rails/conductor/action_mailbox/inbound_emails/:id/edit
PATCH /rails/conductor/action_mailbox/inbound_emails/:id
PUT /rails/conductor/action_mailbox/inbound_emails/:id
DELETE /rails/conductor/action_mailbox/inbound_emails/:id
I wanted to add a test for sending an attachment that is an empty string
and a file but got this error:
NoMethodError: undefined method `original_filename' for "#<Rack::Test::UploadedFile:0x000000010840d388>":String
Related: #44702Fixes#45088
-----
Started POST "/rails/conductor/action_mailbox/inbound_emails" for ::1 at 2022-05-14 07:34:19 +0200
Processing by Rails::Conductor::ActionMailbox::InboundEmailsController#create as HTML
Parameters: {"authenticity_token"=>"[FILTERED]", "mail"=>{"from"=>"", "to"=>"", "cc"=>"", "bcc"=>"", "x_original_to"=>"", "in_reply_to"=>"", "subject"=>"", "body"=>"", "attachments"=>[""]}, "commit"=>"Deliver inbound email"}
Completed 500 Internal Server Error in 7ms (ActiveRecord: 0.0ms | Allocations: 2600)
NoMethodError (undefined method `original_filename' for "":String
mail.add_file(filename: attachment.original_filename, content: attachment.read)
^^^^^^^^^^^^^^^^^^):
actionmailbox (7.0.3) app/controllers/rails/conductor/action_mailbox/inbound_emails_controller.rb:26:in `block (2 levels) in new_mail'
actionmailbox (7.0.3) app/controllers/rails/conductor/action_mailbox/inbound_emails_controller.rb:25:in `each'
actionmailbox (7.0.3) app/controllers/rails/conductor/action_mailbox/inbound_emails_controller.rb:25:in `block in new_mail'
<internal:kernel>:90:in `tap'
actionmailbox (7.0.3) app/controllers/rails/conductor/action_mailbox/inbound_emails_controller.rb:23:in `new_mail'
actionmailbox (7.0.3) app/controllers/rails/conductor/action_mailbox/inbound_emails_controller.rb:17:in `create'
Co-Authored-By: Patrício dos Santos <hello@psantos.dev>
Every time I write `config.cache_classes` I have to pause for a moment to make
sure I get it right. It makes you think.
On the other hand, if you read `config.enable_reloading = true`, does the
application reload? You do not need to spend 1 cycle of brain CPU to nod.
Calling `skip_forgery_protection` without first calling
`protect_from_forgery`--either manually or through default
settings--raises an `ArgumentError` because `verify_authenticity_token`
has not been defined as a callback.
Since Rails 7.0 adds `skip_forgery_protection` to the
`Rails::WelcomeController` (PR #42864), this behavior means that setting
`default_protect_from_forgery` to false and visiting the Rails Welcome
page (`/`) raises an error.
This behavior also created an issue for `ActionMailbox` that was
previously fixed in the Mailbox controller by running
`skip_forgery_protection` only if `default_protect_from_forgery` was
true (PR #35935).
This PR addresses the underlying issue by setting the `raise` option for
`skip_before_action` to default to false inside
`skip_forgery_protection`.
The fix is implemented in `request_forgery_protection.rb`. The change to
`ActionMailbox`'s `base_controller.rb` removes the now-unnecessary
check of `default_protect_from_forgery`.
The tests added in `request_forgery_protection_test.rb` and
`routing_test.rb` both raise an error when run against the current
codebase and pass with the changes noted above.
RDoc will automatically format and link API references as long as they
are not already marked up as inline code.
This commit removes markup from various API references so that those
references will link to the relevant API docs.
"Overwrite" means "destructively replace", and is more suitable when,
for example, talking about writing data to a location.
"Override" means "supersede", and is more suitable when, for example,
talking about redifining methods in a subclass.
In Ruby 3.1 those gems were dropped from the stdlib, so they need to be
explicitly installed. Mail should be doing this for us, but since it
cares about Ruby < 2.6, and those gems can't be installed there, they
can't add them to the gemspec without dropping support to old rubies.
Since we don't care about Ruby < 2.7, we can just require them in all
frameworks that use mail.
ruby/debug is a new debugger that is going to ship with CRuby.
It makes sense for Rails to switch to this one because that is
where the language is heading, and because Byebug is not fully
compatible with Zeitwerk. See
https://github.com/deivid-rodriguez/byebug/issues/564
While ruby/debug has not been heavily tested with Zeitwerk,
casual usage seems to suggest it works without issues, including
explicit namespaces, which is where Byebug and Zeitwerk conflict.
Byebug is terrific, thanks a lot for all these years. ❤️
I found an unexpected use of assertion in the block of `assert_raise`
when I implemented https://github.com/rubocop/rubocop-minitest/pull/137.
It is expected to be asserted after an exception is raised in
`assert_raise` block, but in actually it is not asserted after an
exception is raised. Therefore, this PR removes or updates assertions
that have not been asserted after an exception has raised.
This PR will add `rubocop-minitest` and enable
`Minitest/UnreachableAssertion` cop to able similar auto-detection,
but will remove `rubocop-minitest` from this PR if you don't like it.
* Stop trying to configure listen by default on compatible platforms
Modern computers with SSDs don't see much/any benefit from having an evented file update watcher. Remove complexity by taking this spinning-drive concession out.
* Actually need listen for testing the opt-in
* Test no longer relevant
Prior to this commit, when adding attachments to an inbound email
through the conductor, the log would warn of an unpermitted parameter
with the message:
> Unpermitted parameter: :attachments. Context: { }
Also, if an application had the setting:
config.action_controller.action_on_unpermitted_parameters = :raise
it would raise an error, because the attachments are not a permitted
parameter.
This commit also sets `action_on_unpermitted_parameters` to `:raise`
for the action mailbox test suite, so that tests are run in most
restrictive setting available, to prevent future unpermitted parameters
from being passed by conductor actions.
Co-authored-by: Dana Henke <danapalazzo1@gmail.com>
This is imperfect in situations when a separation
between regular files (such as uploads) and emails
is necessary (for the purposes of regulatory compliance,
proper compartmentalization, etc.)
Solution: allow configuring ActionMailbox's storage service
Terser is more up to date with modern javascript features, and the
uglifier gem repository recommends using it for minifying ES6+.
Followup for 955041b
Affected gems:
* actionmailbox
* activestorage
* actiontext
This fixes the following warning:
DEPRECATION WARNING: Using legacy connection handling is deprecated. Please set
`legacy_connection_handling` to `false` in your application.
The new connection handling does not support `connection_handlers`
getter and setter.
Read more about how to migrate at: https://guides.rubyonrails.org/active_record_multiple_databases.html#migrate-to-the-new-connection-handling
(called from require at ~/.gem/ruby/3.1.0/gems/zeitwerk-2.4.2/lib/zeitwerk/kernel.rb:34)
Currently when you make a new Rails app, we generate a lot of initializers. For new users, I think we should try and include as few as possible - the less files, the less daunting a new app is. And for upgrades I'd like to [continue to simplify the update process](https://github.com/rails/rails/pull/41083), in this case by not bringing back initializers you have probably already dismissed or modified.
In this PR I'm proposing we remove two initializers: `application_controller_renderer.rb` and `cookies_serializer.rb`:
**`application_controller_renderer.rb`**. This configures [`ActionController::Renderer`](https://api.rubyonrails.org/classes/ActionController/Renderer.html), for rendering views outside of controller actions. I don't think this is something most Rails apps will need (certainly not on day 1); users can configure this feature when they need it.
**`cookies_serializer.rb`**. This was added for [Rails 4.1](https://guides.rubyonrails.org/upgrading_ruby_on_rails.html#cookies-serializer). The behaviour is:
- For new apps, the initializer says `:json`.
- For upgraded apps that don't have the initializer, it is added with value `:marshal`.
- If there's no initializer, the [default value](c9a89a4067/actionpack/lib/action_dispatch/middleware/cookies.rb (L589)) is `:marshal`.
Since nobody should be upgrading direct from Rails 4.0 to Rails 7.0, we can simplify this by using new framework defaults. So the behavior will now be:
- For new apps, `config.load_defaults("7.0")` sets the value to `:json`.
- The `new_framework_defaults_7_0.rb` file explains this, and suggests using `:hybrid` to be upgrade to JSON cookies.
- No changes to [the code](c9a89a4067/actionpack/lib/action_dispatch/middleware/cookies.rb (L589)); the default value is `:marshal` if you don't set one.
So if you were not setting a `cookies_serializer` previously and you want to keep using `:marshal`, you'll need to explicitly set this before using `config.load_defaults("7.0")`, otherwise it will switch to `:json`. The upside of this is you won't get the `cookies_serializer.rb` file created for you every time you upgrade.
This pull request addresses these warnings.
```ruby
$ cd actionmailbox
$ bin/test test/controllers/ingresses/relay/inbound_emails_controller_test.rb
Run options: --seed 32561
DEPRECATION WARNING: Rails 7.0 will return Content-Type header without modification. If you want just the MIME type, please use `#media_type` instead. (called from call at /home/yahonda/.rbenv/versions/3.0.0/lib/ruby/gems/3.0.0/gems/rack-2.2.3/lib/rack/tempfile_reaper.rb:15)
...DEPRECATION WARNING: Rails 7.0 will return Content-Type header without modification. If you want just the MIME type, please use `#media_type` instead. (called from call at /home/yahonda/.rbenv/versions/3.0.0/lib/ruby/gems/3.0.0/gems/rack-2.2.3/lib/rack/tempfile_reaper.rb:15)
..
Finished in 0.114883s, 43.5224 runs/s, 87.0447 assertions/s.
5 runs, 10 assertions, 0 failures, 0 errors, 0 skips
$
```
Follow-up https://github.com/rails/rails/commit/84055130713
related to https://github.com/rails/rails/pull/41251
Fix that a storage upload error would leave behind a stuck-pending ActionMailbox::InboundEmail that could never be processed. The message isn't lost: the SMTP relay sees an HTTP server error and defers message delivery. We just have spurious, non-actionable InboundEmails stuck pending and tripping monitoring.
This does still leave behind an unattached ActiveStorage::Blob with no corresponding object on the storage service, but that's less annoying.
Gannon McGibbon