Track the version-compatible config settings inside railties

Instead of forcing new applications to carry an initializer that just
switches things to what their default "should" be, we can handle it
internally.

The initializer is then only used by upgraders: it shows what the new
default would be (commented out), while their upgraded application
continues to operate as it did before.

Under this model, a multiply-upgraded application could accumulate
several new_framework_defaults_*.rb files, for each release series it
has traversed. A given release series only needs to generate the latest,
though, because we don't support `rails app:upgrade` while skipping
releases.

7 files changed, 60 insertions, 59 deletions

diff --git a/railties/lib/rails/application/configuration.rb b/railties/lib/rails/application/configuration.rb
index b0592151b7..027207bbb2 100644
--- a/railties/lib/rails/application/configuration.rb
+++ b/railties/lib/rails/application/configuration.rb
@@ -55,6 +55,34 @@ module Rails
         @read_encrypted_secrets          = false
       end
 
+      def load_defaults(target_version)
+        case target_version.to_s
+        when "5.0"
+          if defined?(action_controller)
+            action_controller.per_form_csrf_tokens = true
+            action_controller.forgery_protection_origin_check = true
+          end
+
+          ActiveSupport.to_time_preserves_timezone = true
+
+          if defined?(active_record)
+            active_record.belongs_to_required_by_default = true
+          end
+
+          self.ssl_options = { hsts: { subdomains: true } }
+
+        when "5.1"
+          load_defaults "5.0"
+
+          if defined?(assets)
+            assets.unknown_asset_fallback = false
+          end
+
+        else
+          raise "Unknown version #{target_version.to_s.inspect}"
+        end
+      end
+
       def encoding=(value)
         @encoding = value
         silence_warnings do
diff --git a/railties/lib/rails/generators/rails/app/app_generator.rb b/railties/lib/rails/generators/rails/app/app_generator.rb
index 442258c9d1..38830ba38f 100644
--- a/railties/lib/rails/generators/rails/app/app_generator.rb
+++ b/railties/lib/rails/generators/rails/app/app_generator.rb
@@ -371,6 +371,14 @@ module Rails
         end
       end
 
+      def delete_new_framework_defaults
+        # Sprockets owns the only new default for 5.1: if it's disabled,
+        # we don't want the file.
+        unless options[:update] && !options[:skip_sprockets]
+          remove_file "config/initializers/new_framework_defaults_5_1.rb"
+        end
+      end
+
       def delete_bin_yarn_if_skip_yarn_option
         remove_file "bin/yarn" if options[:skip_yarn]
       end
diff --git a/railties/lib/rails/generators/rails/app/templates/config/application.rb b/railties/lib/rails/generators/rails/app/templates/config/application.rb
index c0a0bd0a3e..d5d214052f 100644
--- a/railties/lib/rails/generators/rails/app/templates/config/application.rb
+++ b/railties/lib/rails/generators/rails/app/templates/config/application.rb
@@ -22,6 +22,9 @@ Bundler.require(*Rails.groups)
 
 module <%= app_const_base %>
   class Application < Rails::Application
+    # Initialize configuration defaults for originally generated Rails version.
+    config.load_defaults <%= Rails::VERSION::STRING.to_f %>
+
     # Settings in config/environments/* take precedence over those specified here.
     # Application configuration should go into files in config/initializers
     # -- all .rb files in that directory are automatically loaded.
diff --git a/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults.rb.tt
deleted file mode 100644
index bd844f0503..0000000000
--- a/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults.rb.tt
+++ /dev/null
@@ -1,37 +0,0 @@
-# Be sure to restart your server when you modify this file.
-#
-# This file contains migration options to ease your Rails 5.0 upgrade.
-#
-<%- if options[:update] -%>
-# Once upgraded flip defaults one by one to migrate to the new default.
-#
-<%- end -%>
-# Read the Guide for Upgrading Ruby on Rails for more info on each option.
-<%- unless options[:api] -%>
-
-# Enable per-form CSRF tokens. Previous versions had false.
-Rails.application.config.action_controller.per_form_csrf_tokens = <%= options[:update] ? false : true %>
-
-# Enable origin-checking CSRF mitigation. Previous versions had false.
-Rails.application.config.action_controller.forgery_protection_origin_check = <%= options[:update] ? false : true %>
-<%- end -%>
-
-# Make Ruby 2.4 preserve the timezone of the receiver when calling `to_time`.
-# Previous versions had false.
-ActiveSupport.to_time_preserves_timezone = <%= options[:update] ? false : true %>
-<%- unless options[:skip_active_record] -%>
-
-# Require `belongs_to` associations by default. Previous versions had false.
-Rails.application.config.active_record.belongs_to_required_by_default = <%= options[:update] ? false : true %>
-<%- end -%>
-<%- unless options[:update] -%>
-
-# Configure SSL options to enable HSTS with subdomains. Previous versions had false.
-Rails.application.config.ssl_options = { hsts: { subdomains: true } }
-<%- end -%>
-<%- unless options[:skip_sprockets] -%>
-
-# Unknown asset fallback will return the path passed in when the given
-# asset is not present in the asset pipeline.
-Rails.application.config.assets.unknown_asset_fallback = <%= options[:update] ? true : false %>
-<%- end -%>
diff --git a/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_5_1.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_5_1.rb.tt
new file mode 100644
index 0000000000..5f5545c4c7
--- /dev/null
+++ b/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_5_1.rb.tt
@@ -0,0 +1,13 @@
+# Be sure to restart your server when you modify this file.
+#
+# This file contains migration options to ease your Rails 5.1 upgrade.
+#
+# Once upgraded flip defaults one by one to migrate to the new default.
+#
+# Read the Guide for Upgrading Ruby on Rails for more info on each option.
+<%- unless options[:skip_sprockets] -%>
+
+# Unknown asset fallback will return the path passed in when the given
+# asset is not present in the asset pipeline.
+# Rails.application.config.assets.unknown_asset_fallback = false
+<%- end -%>
diff --git a/railties/test/generators/api_app_generator_test.rb b/railties/test/generators/api_app_generator_test.rb
index bdef1798f8..bb8b29501a 100644
--- a/railties/test/generators/api_app_generator_test.rb
+++ b/railties/test/generators/api_app_generator_test.rb
@@ -61,15 +61,6 @@ class ApiAppGeneratorTest < Rails::Generators::TestCase
     end
   end
 
-  def test_generator_skips_per_form_csrf_token_and_origin_check_configs_for_api_apps
-    run_generator
-
-    assert_file "config/initializers/new_framework_defaults.rb" do |initializer_content|
-      assert_no_match(/per_form_csrf_tokens/, initializer_content)
-      assert_no_match(/forgery_protection_origin_check/, initializer_content)
-    end
-  end
-
   private
 
     def default_files
diff --git a/railties/test/generators/app_generator_test.rb b/railties/test/generators/app_generator_test.rb
index 79fe4e4eb7..281376cdee 100644
--- a/railties/test/generators/app_generator_test.rb
+++ b/railties/test/generators/app_generator_test.rb
@@ -156,6 +156,10 @@ class AppGeneratorTest < Rails::Generators::TestCase
     assert_no_file "config/initializers/cors.rb"
   end
 
+  def test_new_application_doesnt_need_defaults
+    assert_no_file "config/initializers/new_framework_defaults_5_1.rb"
+  end
+
   def test_app_update_keep_the_cookie_serializer_if_it_is_already_configured
     app_root = File.join(destination_root, "myapp")
     run_generator [app_root]
@@ -197,21 +201,18 @@ class AppGeneratorTest < Rails::Generators::TestCase
     end
   end
 
-  def test_app_update_does_not_create_new_framework_defaults_by_default
+  def test_app_update_create_new_framework_defaults
     app_root = File.join(destination_root, "myapp")
     run_generator [app_root]
 
-    FileUtils.rm("#{app_root}/config/initializers/new_framework_defaults.rb")
+    assert_no_file "#{app_root}/config/initializers/new_framework_defaults_5_1.rb"
 
     stub_rails_application(app_root) do
       generator = Rails::Generators::AppGenerator.new ["rails"], { update: true }, destination_root: app_root, shell: @shell
       generator.send(:app_const)
       quietly { generator.send(:update_config_files) }
 
-      assert_file "#{app_root}/config/initializers/new_framework_defaults.rb" do |content|
-        assert_match(/Rails\.application\.config.active_record\.belongs_to_required_by_default = false/, content)
-        assert_no_match(/Rails\.application\.config\.ssl_options/, content)
-      end
+      assert_file "#{app_root}/config/initializers/new_framework_defaults_5_1.rb"
     end
   end
 
@@ -367,10 +368,6 @@ class AppGeneratorTest < Rails::Generators::TestCase
     assert_file "bin/update" do |update_content|
       assert_no_match(/db:migrate/, update_content)
     end
-
-    assert_file "config/initializers/new_framework_defaults.rb" do |initializer_content|
-      assert_no_match(/belongs_to_required_by_default/, initializer_content)
-    end
   end
 
   def test_generator_if_skip_action_mailer_is_given
@@ -415,9 +412,7 @@ class AppGeneratorTest < Rails::Generators::TestCase
       assert_no_match(/config\.assets\.js_compressor = :uglifier/, content)
       assert_no_match(/config\.assets\.css_compressor = :sass/, content)
     end
-    assert_file "config/initializers/new_framework_defaults.rb" do |content|
-      assert_no_match(/unknown_asset_fallback/, content)
-    end
+    assert_no_file "config/initializers/new_framework_defaults_5_1.rb"
   end
 
   def test_generator_if_skip_yarn_is_given