aboutsummaryrefslogtreecommitdiffstats
path: root/railties/lib/rails/generators
Commit message (Collapse)AuthorAgeFilesLines
...
* | Improve generated file `app/assets/javascripts/application.js` of pluginbogdanvlviv2018-02-231-0/+1
| | | | | | | | | | | | Add `//= require rails-ujs` Closes #32094
* | Improve generated file `app/views/application.html.erb` of pluginbogdanvlviv2018-02-231-1/+5
| | | | | | | | | | - Do not generate `javascript_include_tag` if `--skip-javascript` - Generate `<%= csp_meta_tag %>`. Related to #32018.
* | Comment `require "active_storage/engine"` in `bin/rails` of plugin if ↵bogdanvlviv2018-02-231-1/+1
| | | | | | | | `--skip-active-storage`
* | Merge pull request #32018 from rails/add-nonce-support-to-cspAndrew White2018-02-222-1/+5
|\ \ | | | | | | Add support for automatic nonce generation for Rails UJS
| * | Add support for automatic nonce generation for Rails UJSAndrew White2018-02-192-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Because the UJS library creates a script tag to process responses it normally requires the script-src attribute of the content security policy to include 'unsafe-inline'. To work around this we generate a per-request nonce value that is embedded in a meta tag in a similar fashion to how CSRF protection embeds its token in a meta tag. The UJS library can then read the nonce value and set it on the dynamically generated script tag to enable it to execute without needing 'unsafe-inline' enabled. Nonce generation isn't 100% safe - if your script tag is including user generated content in someway then it may be possible to exploit an XSS vulnerability which can take advantage of the nonce. It is however an improvement on a blanket permission for inline scripts. It is also possible to use the nonce within your own script tags by using `nonce: true` to set the nonce value on the tag, e.g <%= javascript_tag nonce: true do %> alert('Hello, World!'); <% end %> Fixes #31689.
* | | Do not add routes when actions are not specifiedYuji Yaginuma2018-02-221-0/+1
|/ / | | | | | | | | | | | | | | | | | | Since #30241, if namepsace is specified, routes will be generated even if there is no actions. However, it seems that this behavior is not intentionally added behavior. As with 5.1, routes should not be generated if actions are not specified. Fixes #32072.
* | Add stimulus to list of supported options for --webpackGuillermo Iguaran2018-02-181-1/+1
| |
* | Don't generate empty app/views folder when --api and --skip-action-mailer ↵Guillermo Iguaran2018-02-181-2/+6
| | | | | | | | | | | | | | are used together The purpose of keeping app/views folder in API apps is that it's used for mailer views so doesn't makes sense to keep it when Action Mailer is skipped.
* | Rails 6 requires Ruby 2.3+Jeremy Daer2018-02-172-11/+2
| |
* | Remove needless requiring 'active_support/core_ext/string/strip'Yoshiyuki Hirano2018-02-171-1/+0
| |
* | Remove usage of strip_heredoc in the framework in favor of <<~Rafael Mendonça França2018-02-1611-19/+19
| | | | | | | | | | Some places we can't remove because Ruby still don't have a method equivalent to strip_heredoc to be called in an already existent string.
* | Add test parallelization to Railseileencodes2018-02-151-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Provides both a forked process and threaded parallelization options. To use add `parallelize` to your test suite. Takes a `workers` argument that controls how many times the process is forked. For each process a new database will be created suffixed with the worker number; test-database-0 and test-database-1 respectively. If `ENV["PARALLEL_WORKERS"]` is set the workers argument will be ignored and the environment variable will be used instead. This is useful for CI environments, or other environments where you may need more workers than you do for local testing. If the number of workers is set to `1` or fewer, the tests will not be parallelized. The default parallelization method is to fork processes. If you'd like to use threads instead you can pass `with: :threads` to the `parallelize` method. Note the threaded parallelization does not create multiple database and will not work with system tests at this time. parallelize(workers: 2, with: :threads) The threaded parallelization uses Minitest's parallel exector directly. The processes paralleliztion uses a Ruby Drb server. For parallelization via threads a setup hook and cleanup hook are provided. ``` class ActiveSupport::TestCase parallelize_setup do |worker| # setup databases end parallelize_teardown do |worker| # cleanup database end parallelize(workers: 2) end ``` [Eileen M. Uchitelle, Aaron Patterson]
* | Don't overwrite config/master.key even on --forceclaudiob2018-02-121-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | See https://github.com/rails/rails/pull/31957#issuecomment-364817423 The purpose of `--force` is not to have any prompt whether a file should be kept or overwritten. In general, all existing files should be overwritten. However, `config/master.key` is special because it is git-ignored, and overwriting it will cause the app not to run (since there won't be a way to decrypt the credentials). As a result, it's probably better to keep the existing config/master.key.
* | Do not update `load_defaults` version when running `app:update` (#31951)Yuji Yaginuma2018-02-132-1/+7
| | | | | | | | | | Incompatible settings are included in the settings set by `load_defaults`. So, I think that target version should be updated by a user when becomes available, and should not be updated with `app:update`.
* | Respect --force option for config/master.keyclaudiob2018-02-111-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is similar to #30700 which ensures the `--quiet` option of `rails new` is respected by the `MasterKeyGenerator` (missing from #30067). Before this commit, running `rails new app --force` would still prompt the user what to do with the conflict in `config/master.key`: ``` … identical config/locales/en.yml conflict config/master.key Overwrite /Users/claudiob/Desktop/pizza/config/master.key? (enter "h" for help) [Ynaqdh] ``` After this commit, `config/master.key` is overwritten: ``` … identical config/locales/en.yml force config/master.key append .gitignore ``` The newly added test generates an app and then generates it again with `--force`. Without this commit, the test would just wait forever for user input.
* | Merge pull request #31949 from rails/remove-moveClaudio B2018-02-091-2/+0
|\ \ | | | | | | Remove warning from 4 years ago [ci skip]
| * | Remove warning from 4 years ago [ci skip]claudiob2018-02-091-2/+0
| | | | | | | | | | | | | | | `config/initializers/assets.rb` has been a part of Rails apps since Rails 4.2 (30b56084). This comment is probably unnecessary by now.
* | | Use heredoc with credentials templateYoshiyuki Hirano2018-02-092-4/+16
|/ / | | | | | | | | * Use heredoc with credentials template. * Fix indentation for aws config
* | Add nodoc to `CredentialsGenerator` and `MasterKeyGenerator` [ci skip]yuuji.yaginuma2018-02-032-2/+2
| | | | | | | | These classes are internally used only.
* | Removed "private" generators from command list.Wojciech Wnętrzak2018-02-022-18/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Appropriate way to handle encrypted command is by `bin/rails credentials` and `bin/rails encrypted` It was displayed on `bin/rails generate` command: ``` Please choose a generator below. Rails: application_record assets channel controller encrypted_file encryption_key_file generator ... ```
* | Disable CSP by defaultRafael Mendonça França2018-01-301-10/+10
| | | | | | | | | | | | | | | | Before this patch, to be able to use webpacker and webconsole we were defining an used default in the script-src policy. White we don't implement the automatic nonce approach defined in https://github.com/rails/rails/issues/31689 it is better to not have any default configuration in Rails 5.2.
* | Merge pull request #31769 from justjake/patch-2Matthew Draper2018-01-301-1/+1
|\ \ | | | | | | | | | yarnpkg: correct exec syntax
| * | yarnpkg: correct exec syntaxJake Teton-Landis2018-01-231-1/+2
|/ / | | | | Previous change didn’t expand this array of arguments
* | bin/yarn: Pass through arguments with spacesJake Teton-Landis2018-01-211-1/+1
| | | | | | | | | | | | Previously, the `bin/yarn` wrapper would "unquote" arguments to yarn like this: `yarn run add-copyright "(c) 2017, 2018 MyCompany"` That results in an ARGV of ['run', 'add-copyright', '(c) 2017, 2018 MyCompany'] in the yarn wrapper, but a ARGV in the yarn executable of ['run', 'add-copyright', '(c)', '2017,', '2018', MyCompany']
* | Merge pull request #31641 from ckoenig/remove_frozen_string_literalYuji Yaginuma2018-01-201-4/+6
|\ \ | | | | | | Use dup'ed options hash
| * | Work on a dup'ed options hashChristof Koenig2018-01-091-4/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Otherwise, at least using JRuby, the replacements in convert_database_option_for_jruby won't work. Thus a call to bundle exec rails app:update fails. Simply replacing those replace statements doesn't seem to work either, since the options hash seems to be frozen, too.
* | | Merge pull request #31732 from ↵Matthew Draper2018-01-191-2/+2
|\ \ \ | | | | | | | | | | | | | | | | koic/enable_autocorrect_for_lint_end_alignment_cop Enable autocorrect for `Lint/EndAlignment` cop
| * | | Enable autocorrect for `Lint/EndAlignment` copKoichi ITO2018-01-181-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ### Summary This PR changes .rubocop.yml. Regarding the code using `if ... else ... end`, I think the coding style that Rails expects is as follows. ```ruby var = if cond a else b end ``` However, the current .rubocop.yml setting does not offense for the following code. ```ruby var = if cond a else b end ``` I think that the above code expects offense to be warned. Moreover, the layout by autocorrect is unnatural. ```ruby var = if cond a else b end ``` This PR adds a setting to .rubocop.yml to make an offense warning and autocorrect as expected by the coding style. And this change also fixes `case ... when ... end` together. Also this PR itself is an example that arranges the layout using `rubocop -a`. ### Other Information Autocorrect of `Lint/EndAlignment` cop is `false` by default. https://github.com/bbatsov/rubocop/blob/v0.51.0/config/default.yml#L1443 This PR changes this value to `true`. Also this PR has changed it together as it is necessary to enable `Layout/ElseAlignment` cop to make this behavior.
* | | | Merge pull request #31730 from ↵Eileen M. Uchitelle2018-01-181-1/+1
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | bogdanvlviv/allow_false_for-config-generators-system_tests Allow `false` for `config.generators.system_tests=`
| * | | | Allow `false` for `config.generators.system_tests=`bogdanvlviv2018-01-181-1/+1
| |/ / / | | | | | | | | | | | | | | | | Mention `config.generators.system_tests` in the "Configuring Rails Applications" guide.
* / / / Revert "Merge pull request #31434 from olivierlacan/boot-feedback"Matthew Draper2018-01-191-4/+0
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit edc54fd2068bc21f0d381228e55d97e32f508923, reversing changes made to a5922f132f4d163e2c7f770427087f5268c18def. As discussed, this is not an appropriate place to make assumptions about ARGV, or to write to stdout: config/boot.rb is a library and is required by other applictions, with which we have no right to interfere.
* | | Provide a sensible default hostGeorge Claghorn2018-01-161-2/+0
| | |
* | | Extract content types from blob dataGeorge Claghorn2018-01-151-0/+2
| | |
* | | Merge pull request #31572 from kami-zh/fix-templateYuji Yaginuma2018-01-131-2/+3
|\ \ \ | | | | | | | | Fix comment about initializers to adapt to the fact
| * | | Fix comment about initializers to adapt to the factkami-zh2017-12-271-2/+3
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently the comment says application configuration should go into files in `config/initializers`. However some configuration couldn't initialize correctly because of the initializing process(e.g. `config.time_zone`). It should be changed by framework but this is large change and it may occur malfunction to some applications which depends on current initializing process. So this comment is changed to adapt to the fact.
* | | Merge pull request #31651 from eugeneius/use_sha1_digestsSean Griffin2018-01-121-0/+3
|\ \ \ | | | | | | | | Use SHA-1 for non-sensitive digests by default
| * | | Use SHA-1 for non-sensitive digests by defaultEugene Kenny2018-01-081-0/+3
| |/ / | | | | | | | | | | | | | | | Instead of providing a configuration option to set the hash function, switch to SHA-1 for new apps and allow upgrading apps to opt in later via `new_framework_defaults_5_2.rb`.
* | | Use unsafe_inline as the default for script_src CSP until we get a nonce ↵David Heinemeier Hansson2018-01-121-1/+1
| | | | | | | | | | | | | | | | | | | | | alternative Closes #31273 but we will still want to upgrade this to the nonce-approach when it’s ready.
* | | Add note about having to restart when modifying initializerDavid Heinemeier Hansson2018-01-121-0/+2
| | |
* | | Use complete variable names rather than single-letter abbreviations for styleDavid Heinemeier Hansson2018-01-121-8/+8
| | |
* | | PostgreSQL: Allow pg-1.0 gem to be used with ActiveRecordLars Kanis2018-01-101-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | pg-1.0.0 is just released and most Gemfiles don't restrict it's version. But the version is checked when connecting to the database, which leads to the following error: Gem::LoadError: can't activate pg (~> 0.18), already activated pg-1.0.0 See also this pg issue: https://bitbucket.org/ged/ruby-pg/issues/270/pg-100-x64-mingw32-rails-server-not-start Preparation for pg-1.0 was done in commit f28a331023fab, but the pg version constraint was not yet relaxed.
* | | Merge pull request #31534 from claudiob/kaspth-approachKasper Timm Hansen2018-01-092-11/+0
|\ \ \ | |/ / |/| | Don't include Active Storage migrations in new apps
| * | Don't run rails active_storage:install in new appsclaudiob2017-12-142-11/+0
| | | | | | | | | | | | See #31315 for full discussion
* | | Removes OS specific directory separatorDaniel Lopez2017-12-211-1/+1
| | |
* | | Remove verbose_query_logs from new_framework_defaults_5_2.rbEugene Kenny2017-12-201-3/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `app:update` rake task will regenerate `development.rb` so that it contains this option; that means we're currently adding it to existing apps in two places, which is unnecessary and confusing. Also: - Remove inaccurate comment about which stack frames are ignored - Clarify that the feature uses `caller_locations`, not `caller` - Remove unused return value in `extract_callstack`
* | | Implicitly skip bootsnap for `rails new --dev`yuuji.yaginuma2017-12-191-1/+1
| | | | | | | | | | | | | | | | | | | | | Specifying the `--dev` option is when want to change the codebase, as it is not necessary to cache it. Context: https://github.com/rails/rails/pull/31485#issuecomment-352452653
* | | Merge pull request #31348 from y-yagi/fix_31283Kasper Timm Hansen2017-12-182-2/+3
|\ \ \ | | | | | | | | Raise an error only when `require_master_key` is specified
| * | | Raise an error only when `require_master_key` is specifiedyuuji.yaginuma2017-12-182-2/+3
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | To prevent errors from being raise in environments where credentials is unnecessary. Context: https://github.com/rails/rails/issues/31283#issuecomment-348801489 Fixes #31283
* | | Update new_framework_defaults_5_2.rb.ttAnton Rieder2017-12-181-1/+1
| | | | | | | | | Be consistent in comments when mentioning AES.
* | | Add `skip_bootsnap` optionyuuji.yaginuma2017-12-163-0/+11
|/ / | | | | | | | | | | `bootsnap` is a useful gem normally. However, `bootsnap` is unnecessary when generating a Rails application to be used only for testing. So I want to control whether use this or not by option.