Merge branch '332288-load-rails-6-1-defaults' into 'master'

Load Rails 6.1 framework defaults See merge request gitlab-org/gitlab!70577

Merge branch '332288-load-rails-6-1-defaults' into 'master'
Load Rails 6.1 framework defaults See merge request gitlab-org/gitlab!70577
af60952f · Jan Provaznik · 3bbc4ef3 · 05e92ebc · af60952f · 3bbc4ef3
Commit af60952f authored Nov 08, 2021 by Jan Provaznik
5 changed files
--- a/config/application.rb
+++ b/config/application.rb
@@ -16,6 +16,8 @@ Bundler.require(*Rails.groups)

 module Gitlab
  class Application < Rails::Application
+    config.load_defaults 6.1
+
    require_dependency Rails.root.join('lib/gitlab')
    require_dependency Rails.root.join('lib/gitlab/utils')
    require_dependency Rails.root.join('lib/gitlab/action_cable/config')
@@ -37,8 +39,6 @@ module Gitlab
    require_dependency Rails.root.join('lib/gitlab/runtime')
    require_dependency Rails.root.join('lib/gitlab/patch/legacy_database_config')

-    config.autoloader = :zeitwerk
-
    # To be removed in 15.0
    # This preload is needed to convert legacy `database.yml`
    # from `production: adapter: postgresql`
@@ -190,11 +190,12 @@ module Gitlab
    # regardless if schema_search_path is set, or not.
    config.active_record.dump_schemas = :all

-    # Use new connection handling so that we can use Rails 6.1+ multiple
-    # database support.
-    config.active_record.legacy_connection_handling = false
-
-    config.action_mailer.delivery_job = "ActionMailer::MailDeliveryJob"
+    # Override default Active Record settings
+    # We cannot do this in an initializer because some models are already loaded by then
+    config.active_record.cache_versioning = false
+    config.active_record.collection_cache_versioning = false
+    config.active_record.has_many_inversing = false
+    config.active_record.belongs_to_required_by_default = false

    # Enable the asset pipeline
    config.assets.enabled = true
@@ -380,6 +381,7 @@ module Gitlab
    config.cache_store = :redis_cache_store, Gitlab::Redis::Cache.active_support_config

    config.active_job.queue_adapter = :sidekiq
+    config.action_mailer.deliver_later_queue_name = :mailers

    # This is needed for gitlab-shell
    ENV['GITLAB_PATH_OUTSIDE_HOOK'] = ENV['PATH']

--- a/config/initializers/action_view.rb
+++ b/config/initializers/action_view.rb
-# frozen_string_literal: true
-
-# This file was introduced during upgrading Rails from 5.2 to 6.0.
-# This file can be removed when `config.load_defaults 6.0` is introduced.
-
-# Don't force requests from old versions of IE to be UTF-8 encoded.
-Rails.application.config.action_view.default_enforce_utf8 = false
--- a/config/initializers/cookies_serializer.rb
+++ b/config/initializers/cookies_serializer.rb
@@ -2,6 +2,5 @@

 # Be sure to restart your server when you modify this file.

-Rails.application.config.action_dispatch.use_cookies_with_metadata = true
 Rails.application.config.action_dispatch.cookies_serializer =
  Gitlab::Utils.to_boolean(ENV['USE_UNSAFE_HYBRID_COOKIES']) ? :hybrid : :json
--- a/config/initializers/new_framework_defaults.rb
+++ b/config/initializers/new_framework_defaults.rb
-# frozen_string_literal: true
-
-# Remove this `if` condition when upgraded to rails 5.0.
-# The body must be kept.
-# Be sure to restart your server when you modify this file.
-#
-# This file contains migration options to ease your Rails 5.0 upgrade.
-#
-# Once upgraded flip defaults one by one to migrate to the new default.
-#
-# Read the Guide for Upgrading Ruby on Rails for more info on each option.
-
-# Enable per-form CSRF tokens. Previous versions had false.
-Rails.application.config.action_controller.per_form_csrf_tokens = false
-
-# Enable origin-checking CSRF mitigation. Previous versions had false.
-Rails.application.config.action_controller.forgery_protection_origin_check = false
-
-# Make Ruby 2.4 preserve the timezone of the receiver when calling `to_time`.
-# Previous versions had false.
-ActiveSupport.to_time_preserves_timezone = false
-
-# Require `belongs_to` associations by default. Previous versions had false.
-Rails.application.config.active_record.belongs_to_required_by_default = false
--- a/config/initializers_before_autoloader/000_override_framework_defaults.rb
+++ b/config/initializers_before_autoloader/000_override_framework_defaults.rb
+# frozen_string_literal: true
+
+# This contains configuration from Rails upgrades to override the new defaults so that we
+# keep existing behavior.
+#
+# For boolean values, the new default is the opposite of the value being set in this file.
+# For other types, the new default is noted in the comments. These are also documented in
+# https://guides.rubyonrails.org/configuring.html#results-of-config-load-defaults
+#
+# To switch a setting to the new default value, we just need to delete the specific line here.
+
+Rails.application.configure do
+  # Rails 6.1
+  config.action_dispatch.cookies_same_site_protection = nil # New default is :lax
+  config.action_dispatch.ssl_default_redirect_status = nil # New default is 308
+  ActiveSupport.utc_to_local_returns_utc_offset_times = false
+  config.action_controller.urlsafe_csrf_tokens = false
+  config.action_view.preload_links_header = false
+
+  # Rails 5.2
+  config.action_dispatch.use_authenticated_cookie_encryption = false
+  config.active_support.use_authenticated_message_encryption = false
+  config.active_support.hash_digest_class = ::Digest::MD5 # New default is ::Digest::SHA1
+  config.action_controller.default_protect_from_forgery = false
+  config.action_view.form_with_generates_ids = false
+
+  # Rails 5.1
+  config.assets.unknown_asset_fallback = true
+
+  # Rails 5.0
+  config.action_controller.per_form_csrf_tokens = false
+  config.action_controller.forgery_protection_origin_check = false
+  ActiveSupport.to_time_preserves_timezone = false
+  config.ssl_options = {} # New default is { hsts: { subdomains: true } }
+end