Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rails 5.2 #37098

Merged
merged 17 commits into from
Nov 13, 2020
Merged

Rails 5.2 #37098

merged 17 commits into from
Nov 13, 2020

Conversation

Hamms
Copy link
Contributor

@Hamms Hamms commented Oct 6, 2020
edited

Update us to Rails 5.2, the very latest 5.x version.

Like the 5.1 upgrade, this PR is kept pretty minimal; most of the required work has been done in other PRs. Some of that work includes:

The changes included in this pull request are those that cannot be applied in advance, and the individual commits for each change should explain in some detail why they are necessary.

Next steps

Next up is 6.0! I plan to start by working through the official "Upgrading from Rails 5.2 to Rails 6.0" guide, as well as dealing with the deprecation warnings we can already see in this PR. First among those is the change to start enforcing safer SQL queries in ActiveRecord, work which has already been started in #37654

Testing story

I've done quite a bit of manual testing over the course of this upgrade, but I am mostly relying on our existing tests

Reviewer Checklist:

  • Tests provide adequate coverage
  • Privacy and Security impacts have been assessed
  • Code is well-commented
  • New features are translatable or updates will not break translations
  • Relevant documentation has been added or updated
  • User impact is well-understood and desirable
  • Pull Request is labeled appropriately
  • Follow-up work items (including potential tech debt) are tracked and linked

@Hamms Hamms added the Rails Upgrade All work related to upgrading the version of Ruby on Rails we use. label Oct 6, 2020
@Hamms Hamms force-pushed the rails-5.2 branch 2 times, most recently from 5e49cd3 to 1a9a3b8 Compare November 3, 2020 19:59
@Hamms
Update the logic which detects if caching is disabled
119ad5b 
To reflect the new rails functionality. Specifically, in rails/rails#30367 the cache control headers were normalized more aggressively, which results in the headers we examine to determine whether or not caching is enabled to have slightly different content.

I'm not 100% clear on exactly which headers here are or are not important to us, but according to [the relevant documentation](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control) the removed headers seem unnecessary:

> `**no-store**`
>
> The response may **not** be stored in _any_ cache. Although other directives may be set, this alone is _the only directive you need in preventing cached responses_ on modern browsers. `max-age=0` **is already implied. Setting** `must-revalidate` **does not make sense** because in order to go through revalidation you need the response to be stored in a cache, which `no-store` prevents.
@Hamms
Merge pull request #37741 from code-dot-org/update-cache-detection-logic
7e46b73 
Update the logic which detects if caching is disabled
@Hamms
Merge branch 'staging' into rails-5.2
39b4f2b
@Hamms
Don't require 'private' when checking for cache
01fec17 
Follow-up to #37741

It looks like the Rails caching logic doesn't always include the `private` header. This makes sense; again referenving [the relevant documentation](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control):

> **`private`**
>
> The response may be stored only by a _browser's_ cache, even if the response is normally non-cacheable. **If you mean to not store the response in any cache, use `no-store` instead.** _This directive is not effective in preventing caches from storing your response._
@Hamms
Merge branch 'ensure-valid-regional-partner-in-test' into rails-5.2
2c318b5
@Hamms
Merge branch 'stop-checking-for-same-email' into rails-5.2
6a507df
@Hamms
Merge branch 'cancancan-2.3.0' into rails-5.2
9397cc2
@Hamms
Update our "Ignore X-Forwarded-Host" patch to Rack 2.2.3
aafe206 
The method we're patching to override this behavior was updated a couple of times since our previous version of rack; first in rack/rack#1435, then presumably a couple more times because the relevant logic ends up looking like this in 2.2.3:

https://github.com/rack/rack/blob/1741c580d71cfca8e541e96cc372305c8892ee74/lib/rack/request.rb#L222-L229

We therefore in this PR update the logic of our patch to better match the current internal structure of Rack.
@Hamms
Merge branch 'remove-escaping-cookie-test' into rails-5.2
e7a1370
@Hamms Hamms marked this pull request as ready for review November 13, 2020 22:17
@Hamms Hamms requested a review from wjordan November 13, 2020 22:18
wjordan
wjordan approved these changes Nov 13, 2020
View reviewed changes
Copy link
Contributor

@wjordan wjordan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome! Remaining changes look good and are all pretty straightforward, it looks like we've discussed them all already. Thanks for pulling the bulk of the upgrade-compatibility work out into separately-mergeable PRs, it really helps make the review easier!

@Hamms Hamms merged commit eb21d89 into staging Nov 13, 2020
@Hamms Hamms deleted the rails-5.2 branch November 13, 2020 22:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wjordan wjordan wjordan approved these changes

Assignees
No one assigned
Labels
Rails Upgrade All work related to upgrading the version of Ruby on Rails we use.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@Hamms @wjordan