pgbus 0.2.2 → 0.2.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 11fc5e1aa1196d1332b426e72aab0364cc548925fe960ff6626a6cd8090b2de5
-  data.tar.gz: 52fd690b0a3afda834850f5fc0eb3a111fd18062af6b3ca7097fadc085abf1b9
+  metadata.gz: daac3606ba66624f54b5b6cf8db0830827c2ce0492b7d6d38ce347d1e0f3aeb2
+  data.tar.gz: ad7eb6ea7beae1e07a813cac5cac37980671f8106f2ac7444a127a81d6f7a2e3
 SHA512:
-  metadata.gz: f232df26f7a0122db40119b43bf0d03290ea583eaf889ac58c95bb81850c5f745603fa81b848be437f4298ffff5ed65c82c64b890da64bc663ef600a4d05fe0c
-  data.tar.gz: c2d5f381fa2e4cf4943fe9bd27815459faaf9f92c7bf40d97bb2ea93b5622dcb5a197d8ccdb63249fd2ee681d4c10961070e7016093bacda2ba81010939cd7aa
+  metadata.gz: f7a513fd3e2f7aac5a3c0db040a3e7b6b11b6c4c0f619f6f0d37ebbf3e2cd6336737af20e4a7a00da19a1937d5be2b8e24d666483bf661005422c04bbac1805c
+  data.tar.gz: 255c0382fbc4f4b797577757ebe5bfa9611f350456292d78e41678d6ebe834c52a5588e2f902159b0c5467becb076f0b724b8dc782b21dfb0d423404dc31d178

data/CHANGELOG.md

@@ -1,5 +1,18 @@
 ## [Unreleased]
 
+### Breaking Changes
+
+- **Queue names must be alphanumeric and underscores only.** Queue names containing dashes (e.g., `my-app-queue`) will now raise `ArgumentError`. Rename to underscored form (e.g., `my_app_queue`) before upgrading. This restriction prevents SQL injection via PGMQ queue identifiers, which are interpolated into table names and cannot be parameterized.
+
+### Security
+
+- Add `bundler-audit` to CI for dependency vulnerability scanning
+- Add `QueueNameValidator` to enforce strict queue name validation (alphanumeric + underscores, 61 char max)
+- Add `config.allowed_global_id_models` to restrict which models can be deserialized from event payloads
+- Add security headers to dashboard (X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy)
+- Warn when dashboard `web_auth` is unconfigured
+- Add `globalid` as an explicit runtime dependency (was used but only transitively available via activejob)
+
 ## [0.1.0] - 2026-03-30
 
 - Initial release

data/Rakefile

@@ -50,15 +50,24 @@ task :build do
   sh("rm -rf /tmp/gem-verify #{gem_file}")
 end
 
-desc "Release a new version (rake release[1.2.3] or rake release[pre])"
-task :release, [:version] do |_t, args|
+desc "Release a new version (rake release[1.2.3] or rake release[pre] or rake release[1.2.3,force])"
+task :release, %i[version force] do |_t, args|
   require_relative "lib/pgbus/version"
 
+  def info(msg)    = puts "\e[34m→\e[0m #{msg}"
+  def success(msg) = puts "\e[32m✓\e[0m #{msg}"
+  def skip(msg)    = puts "\e[33m⊘\e[0m #{msg} \e[33m(skipped)\e[0m"
+  def warn(msg)    = puts "\e[33m⚠\e[0m #{msg}"
+  def error(msg)   = puts "\e[31m✗\e[0m #{msg}"
+  def header(msg)  = puts "\n\e[1;36m#{msg}\e[0m\n#{"─" * msg.length}"
+
   new_version = args[:version]
-  abort "Usage: rake release[X.Y.Z] or rake release[pre]" unless new_version
+  abort "\e[31mUsage: rake release[X.Y.Z] or rake release[X.Y.Z,force]\e[0m" unless new_version
+
+  force = args[:force]&.to_s&.downcase == "force"
 
   dirty = `git status --porcelain`.strip
-  abort "Aborting: working directory is not clean.\n#{dirty}" unless dirty.empty?
+  abort "\e[31mAborting: working directory is not clean.\e[0m\n#{dirty}" unless dirty.empty?
 
   current = Pgbus::VERSION
   prerelease = new_version.match?(/alpha|beta|rc|pre/) || new_version == "pre"
@@ -69,43 +78,97 @@ task :release, [:version] do |_t, args|
   end
 
   tag = "v#{new_version}"
+  version_file = "lib/pgbus/version.rb"
 
-  puts "Current version: #{current}"
-  puts "New version:     #{new_version}"
-  puts "Tag:             #{tag}"
-  puts "Pre-release:     #{prerelease}"
-  puts ""
+  title = "Release #{tag}"
+  title += " (force)" if force
+  header title
+  info "Current version: #{current}"
+  info "New version:     #{new_version}"
+  info "Pre-release:     #{prerelease}"
+
+  # Step 0: Force cleanup — delete existing release and tag
+  if force
+    header "Force cleanup"
+    if system("gh release view #{tag} >/dev/null 2>&1")
+      sh("gh release delete #{tag} --yes --cleanup-tag")
+      success "Deleted release and remote tag #{tag}"
+    else
+      skip "No release #{tag} to delete"
+    end
+
+    if system("git rev-parse #{tag} >/dev/null 2>&1")
+      sh("git tag -d #{tag}")
+      success "Deleted local tag #{tag}"
+    else
+      skip "No local tag #{tag} to delete"
+    end
+  end
 
-  # Update version file if needed
-  version_file = "lib/pgbus/version.rb"
-  if new_version != current
+  # Step 1: Update version file
+  header "Version"
+  if new_version == current
+    skip "Version already #{new_version}"
+  else
     content = File.read(version_file)
     content.sub!(/VERSION = ".*"/, "VERSION = \"#{new_version}\"")
     File.write(version_file, content)
-    puts "Updated #{version_file}"
+    success "Updated #{version_file}"
   end
 
-  # Verify gem builds cleanly
+  # Step 2: Verify gem builds cleanly
+  header "Build verification"
   sh("gem build pgbus.gemspec --strict")
   sh("rm -f pgbus-*.gem")
+  success "Gem builds cleanly"
 
-  # Commit, push, and create release
-  if new_version != current
+  # Step 3: Commit version bump
+  header "Git commit"
+  version_changed = !`git diff #{version_file}`.strip.empty? || !`git diff --cached #{version_file}`.strip.empty?
+  if version_changed
     sh("git add #{version_file}")
     sh("git commit -m 'chore: bump version to #{new_version}'")
+    success "Committed version bump"
+  else
+    skip "No version change to commit"
+  end
+
+  # Step 4: Push to origin
+  header "Git push"
+  local_sha = `git rev-parse HEAD`.strip
+  remote_sha = `git rev-parse origin/main 2>/dev/null`.strip
+  if local_sha == remote_sha
+    skip "origin/main already at #{local_sha[0..6]}"
+  else
+    sh("git push origin main")
+    success "Pushed to origin/main"
   end
-  sh("git push origin main")
 
-  pre_flag = prerelease ? "--prerelease" : ""
-  sh("gh release create #{tag} --generate-notes --target main #{pre_flag}".strip)
+  # Step 5: Create release
+  header "Release"
+  tag_exists = system("git rev-parse #{tag} >/dev/null 2>&1")
+  release_exists = system("gh release view #{tag} >/dev/null 2>&1")
+
+  if release_exists
+    skip "Release #{tag} already exists (use force to re-create)"
+  elsif tag_exists
+    info "Tag #{tag} exists, creating release from it"
+    pre_flag = prerelease ? "--prerelease" : ""
+    sh("gh release create #{tag} --generate-notes #{pre_flag}".strip)
+    success "Release #{tag} created from existing tag"
+  else
+    pre_flag = prerelease ? "--prerelease" : ""
+    sh("gh release create #{tag} --generate-notes --target main #{pre_flag}".strip)
+    success "Release #{tag} created"
+  end
 
   puts ""
-  puts "Release #{tag} created! CI will handle the rest:"
-  puts "  - Run tests"
-  puts "  - Build + verify gem"
-  puts "  - Sign with Sigstore"
-  puts "  - Publish to RubyGems"
-  puts "  - Upload assets to the release"
+  success "\e[1mRelease #{tag} complete!\e[0m CI will handle the rest:"
+  puts "    • Run tests"
+  puts "    • Build + verify gem"
+  puts "    • Sign with Sigstore"
+  puts "    • Publish to RubyGems"
+  puts "    • Upload assets to the release"
 end
 
 task default: %i[spec rubocop]

data/app/controllers/pgbus/application_controller.rb

@@ -6,6 +6,7 @@ module Pgbus
 
     protect_from_forgery with: :exception
     before_action :set_locale
+    after_action :set_security_headers
 
     layout "pgbus/application"
 
@@ -21,6 +22,14 @@ module Pgbus
 
     private
 
+    def set_security_headers
+      response.headers["X-Frame-Options"] = "SAMEORIGIN"
+      response.headers["X-Content-Type-Options"] = "nosniff"
+      response.headers["X-XSS-Protection"] = "0"
+      response.headers["Referrer-Policy"] = "strict-origin-when-cross-origin"
+      response.headers["Permissions-Policy"] = "camera=(), microphone=(), geolocation=()"
+    end
+
     def set_locale
       I18n.locale = extract_locale || I18n.default_locale
     end
@@ -51,6 +60,7 @@ module Pgbus
       @available_locales ||= Dir[Pgbus::Engine.root.join("config", "locales", "*.yml")]
                              .map { |f| File.basename(f, ".yml").to_sym }
     end
+    helper_method :available_locales
 
     def data_source
       @data_source ||= Pgbus.configuration.web_data_source || Web::DataSource.new
@@ -67,9 +77,8 @@ module Pgbus
     def insights_minutes
       config = Pgbus.configuration
       default = config.insights_default_minutes.to_i
-      max = config.stats_retention.to_i / 60
       value = (params[:minutes] || default).to_i
-      value.clamp(1, [max, 1].max)
+      value.clamp(1, [default, 43_200].max)
     end
 
     def turbo_frame_request?

data/app/views/layouts/pgbus/application.html.erb

@@ -4,6 +4,12 @@
   <meta charset="utf-8">
   <meta name="viewport" content="width=device-width, initial-scale=1">
   <title><%= t("pgbus.layout.title") %></title>
+  <style>
+    /* Prevent white flash during navigation in dark mode.
+       Applied before Tailwind CDN loads so the background is correct immediately. */
+    html.dark { background-color: #030712; } /* gray-950 */
+    html.dark body { background-color: #030712; }
+  </style>
   <script src="https://cdn.tailwindcss.com"></script>
   <script>
     tailwind.config = { darkMode: 'class' };
@@ -17,24 +23,17 @@
       var isDark = document.documentElement.classList.toggle('dark');
       localStorage.setItem('pgbus-dark', isDark);
     }
-    // Locale dropdown toggle
+    // Close locale dropdown when clicking outside
     document.addEventListener('click', function(e) {
-      var btn = e.target.closest('[data-action="click->dropdown#toggle"]');
-      var menu = btn && btn.parentElement.querySelector('[data-dropdown-target="menu"]');
-      // Close all menus first
-      document.querySelectorAll('[data-dropdown-target="menu"]').forEach(function(m) {
-        if (m !== menu) m.classList.add('hidden');
-      });
-      if (menu) { menu.classList.toggle('hidden'); e.stopPropagation(); }
-    });
-    document.addEventListener('click', function() {
-      document.querySelectorAll('[data-dropdown-target="menu"]').forEach(function(m) {
-        m.classList.add('hidden');
-      });
+      var switcher = document.getElementById('pgbus-locale-switcher');
+      var menu = document.getElementById('pgbus-locale-menu');
+      if (menu && switcher && !switcher.contains(e.target)) {
+        menu.classList.add('hidden');
+      }
     });
   </script>
   <script type="module">
-    import * as Turbo from "https://cdn.jsdelivr.net/npm/@hotwired/turbo@8/dist/turbo.es2017.esm.js";
+    import * as Turbo from "https://esm.sh/@hotwired/turbo@8";
 
     <% if Pgbus.configuration.web_live_updates %>
     const interval = <%= Pgbus.configuration.web_refresh_interval %>;
@@ -43,7 +42,10 @@
       function refreshFrames() {
         if (document.hidden) return;
         document.querySelectorAll("turbo-frame[data-auto-refresh]")
-          .forEach(frame => frame.reload());
+          .forEach(frame => {
+            if (!frame.src && frame.dataset.src) frame.src = frame.dataset.src;
+            if (frame.src) frame.reload();
+          });
       }
       function start() { timer = setInterval(refreshFrames, interval); }
       function stop() { clearInterval(timer); }
@@ -81,19 +83,16 @@
 
           <div class="flex items-center space-x-2">
             <!-- Locale switcher -->
-            <div class="relative" data-controller="dropdown">
-              <button type="button" data-action="click->dropdown#toggle" class="rounded-md px-2 py-1.5 text-sm text-gray-300 hover:text-white hover:bg-gray-700 focus:outline-none focus:ring-2 focus:ring-indigo-500">
+            <div class="relative" id="pgbus-locale-switcher">
+              <button type="button" onclick="document.getElementById('pgbus-locale-menu').classList.toggle('hidden')" class="rounded-md px-2 py-1 text-sm text-gray-300 hover:text-white hover:bg-gray-700 focus:outline-none focus:ring-2 focus:ring-indigo-500">
                 <%= pgbus_locale_flag(I18n.locale) %> <%= I18n.locale.to_s.upcase %>
               </button>
-              <div data-dropdown-target="menu" class="hidden absolute right-0 z-50 mt-1 w-44 origin-top-right rounded-md bg-white dark:bg-gray-800 shadow-lg ring-1 ring-black/5 dark:ring-white/10">
+              <div id="pgbus-locale-menu" class="hidden absolute right-0 z-50 mt-1 w-44 origin-top-right rounded-md bg-white dark:bg-gray-800 shadow-lg ring-1 ring-black/5 dark:ring-white/10">
                 <div class="py-1" role="menu">
-                  <% controller.send(:available_locales).sort.each do |loc| %>
-                    <%= form_tag pgbus.set_locale_path, method: :post, class: "contents" do %>
-                      <%= hidden_field_tag :locale, loc %>
-                      <button type="submit" role="menuitem" class="w-full text-left px-3 py-1.5 text-sm <%= loc == I18n.locale ? 'bg-indigo-50 dark:bg-indigo-900/30 text-indigo-700 dark:text-indigo-300 font-medium' : 'text-gray-700 dark:text-gray-300 hover:bg-gray-100 dark:hover:bg-gray-700' %>">
-                        <%= pgbus_locale_flag(loc) %> <%= pgbus_locale_name(loc) %>
-                      </button>
-                    <% end %>
+                  <% available_locales.sort.each do |loc| %>
+                    <a href="<%= pgbus.set_locale_path(locale: loc) %>" role="menuitem" class="block px-3 py-1 text-sm no-underline <%= loc == I18n.locale ? 'bg-indigo-50 dark:bg-indigo-900/30 text-indigo-700 dark:text-indigo-300 font-medium' : 'text-gray-700 dark:text-gray-300 hover:bg-gray-100 dark:hover:bg-gray-700' %>">
+                      <%= pgbus_locale_flag(loc) %> <%= pgbus_locale_name(loc) %>
+                    </a>
                   <% end %>
                 </div>
               </div>

data/app/views/pgbus/dashboard/_processes_table.html.erb

@@ -1,4 +1,4 @@
-<turbo-frame id="dashboard-processes" data-auto-refresh src="<%= pgbus.root_path(frame: 'processes') %>">
+<turbo-frame id="dashboard-processes" data-auto-refresh data-src="<%= pgbus.root_path(frame: 'processes') %>">
   <div>
     <h2 class="text-lg font-semibold text-gray-900 dark:text-white mb-3"><%= t("pgbus.dashboard.processes_table.title") %></h2>
     <div class="overflow-hidden rounded-lg bg-white dark:bg-gray-800 shadow ring-1 ring-gray-200 dark:ring-gray-700">

data/app/views/pgbus/dashboard/_queues_table.html.erb

@@ -1,4 +1,4 @@
-<turbo-frame id="dashboard-queues" data-auto-refresh src="<%= pgbus.root_path(frame: 'queues') %>">
+<turbo-frame id="dashboard-queues" data-auto-refresh data-src="<%= pgbus.root_path(frame: 'queues') %>">
   <div class="mb-8">
     <div class="flex items-center justify-between mb-3">
       <h2 class="text-lg font-semibold text-gray-900 dark:text-white"><%= t("pgbus.dashboard.queues_table.title") %></h2>

data/app/views/pgbus/dashboard/_recent_failures.html.erb

@@ -1,4 +1,4 @@
-<turbo-frame id="dashboard-failures" data-auto-refresh src="<%= pgbus.root_path(frame: 'failures') %>">
+<turbo-frame id="dashboard-failures" data-auto-refresh data-src="<%= pgbus.root_path(frame: 'failures') %>">
   <div>
     <div class="flex items-center justify-between mb-3">
       <h2 class="text-lg font-semibold text-gray-900 dark:text-white"><%= t("pgbus.dashboard.recent_failures.title") %></h2>

data/app/views/pgbus/dashboard/_stats_cards.html.erb

@@ -1,4 +1,4 @@
-<turbo-frame id="dashboard-stats" data-auto-refresh src="<%= pgbus.root_path(frame: 'stats') %>">
+<turbo-frame id="dashboard-stats" data-auto-refresh data-src="<%= pgbus.root_path(frame: 'stats') %>">
   <div class="grid grid-cols-1 gap-4 sm:grid-cols-2 lg:grid-cols-6 mb-8">
     <div class="rounded-lg bg-white dark:bg-gray-800 p-5 shadow ring-1 ring-gray-200 dark:ring-gray-700">
       <p class="text-sm font-medium text-gray-500 dark:text-gray-400"><%= t("pgbus.dashboard.stats_cards.queues") %></p>

data/app/views/pgbus/dead_letter/_messages_table.html.erb

@@ -1,4 +1,4 @@
-<turbo-frame id="dlq-messages" data-auto-refresh src="<%= pgbus.dead_letter_index_path(frame: 'list') %>">
+<turbo-frame id="dlq-messages" data-auto-refresh data-src="<%= pgbus.dead_letter_index_path(frame: 'list') %>">
   <div class="overflow-hidden rounded-lg bg-white dark:bg-gray-800 shadow ring-1 ring-gray-200 dark:ring-gray-700">
     <table class="min-w-full divide-y divide-gray-200 dark:divide-gray-700">
       <thead class="bg-gray-50 dark:bg-gray-900">

data/app/views/pgbus/jobs/_enqueued_table.html.erb

@@ -1,4 +1,4 @@
-<turbo-frame id="jobs-enqueued" data-auto-refresh src="<%= pgbus.jobs_path(request.query_parameters.merge(frame: 'enqueued')) %>">
+<turbo-frame id="jobs-enqueued" data-auto-refresh data-src="<%= pgbus.jobs_path(request.query_parameters.merge(frame: 'enqueued')) %>">
   <div>
     <h2 class="text-lg font-semibold text-gray-900 dark:text-white mb-3"><%= t("pgbus.jobs.enqueued_table.title") %></h2>
     <div class="overflow-hidden rounded-lg bg-white dark:bg-gray-800 shadow ring-1 ring-gray-200 dark:ring-gray-700">

data/app/views/pgbus/jobs/_failed_table.html.erb

@@ -1,4 +1,4 @@
-<turbo-frame id="jobs-failed" data-auto-refresh src="<%= pgbus.jobs_path(frame: 'failed') %>">
+<turbo-frame id="jobs-failed" data-auto-refresh data-src="<%= pgbus.jobs_path(frame: 'failed') %>">
   <div class="mb-8">
     <h2 class="text-lg font-semibold text-gray-900 dark:text-white mb-3"><%= t("pgbus.jobs.failed_table.title") %></h2>
     <div class="overflow-hidden rounded-lg bg-white dark:bg-gray-800 shadow ring-1 ring-gray-200 dark:ring-gray-700">

data/app/views/pgbus/processes/_processes_table.html.erb

@@ -1,4 +1,4 @@
-<turbo-frame id="processes-list" data-auto-refresh src="<%= pgbus.processes_path(frame: 'list') %>">
+<turbo-frame id="processes-list" data-auto-refresh data-src="<%= pgbus.processes_path(frame: 'list') %>">
   <div class="overflow-hidden rounded-lg bg-white dark:bg-gray-800 shadow ring-1 ring-gray-200 dark:ring-gray-700">
     <table class="min-w-full divide-y divide-gray-200 dark:divide-gray-700">
       <thead class="bg-gray-50 dark:bg-gray-900">

data/app/views/pgbus/queues/_queues_list.html.erb

@@ -1,4 +1,4 @@
-<turbo-frame id="queues-list" data-auto-refresh src="<%= pgbus.queues_path(frame: 'list') %>">
+<turbo-frame id="queues-list" data-auto-refresh data-src="<%= pgbus.queues_path(frame: 'list') %>">
   <div class="overflow-hidden rounded-lg bg-white dark:bg-gray-800 shadow ring-1 ring-gray-200 dark:ring-gray-700">
     <table class="min-w-full divide-y divide-gray-200 dark:divide-gray-700">
       <thead class="bg-gray-50 dark:bg-gray-900">

data/app/views/pgbus/recurring_tasks/_tasks_table.html.erb

@@ -1,4 +1,4 @@
-<turbo-frame id="recurring-tasks" data-auto-refresh src="<%= pgbus.recurring_tasks_path(frame: 'recurring_tasks') %>">
+<turbo-frame id="recurring-tasks" data-auto-refresh data-src="<%= pgbus.recurring_tasks_path(frame: 'recurring_tasks') %>">
   <div class="rounded-lg bg-white dark:bg-gray-800 shadow ring-1 ring-gray-200 dark:ring-gray-700">
     <% if @recurring_tasks.empty? %>
       <div class="p-8 text-center text-gray-500">

data/config/routes.rb

@@ -52,7 +52,7 @@ Pgbus::Engine.routes.draw do
   resources :locks, only: [:index]
   resource :insights, only: [:show], controller: "insights"
 
-  post :set_locale, to: "locale#update"
+  get :set_locale, to: "locale#update"
 
   namespace :api do
     get :stats, to: "stats#show"

data/lib/active_job/queue_adapters/pgbus_adapter.rb

@@ -19,6 +19,13 @@ module ActiveJob
         true
       end
 
+      # Called by ActiveJob::Continuation (Rails 8.1+) at each checkpoint.
+      # When true, continuable jobs save their cursor and re-enqueue
+      # themselves so the worker can shut down gracefully.
+      def stopping?
+        Pgbus.stopping
+      end
+
       private
 
       def adapter

data/lib/pgbus/active_job/executor.rb

@@ -80,7 +80,7 @@ module Pgbus
       private
 
       def execute_job(job)
-        if defined?(Rails) && Rails.application
+        if defined?(Rails) && Rails.respond_to?(:application) && Rails.application
           Rails.application.executor.wrap { job.perform_now }
         else
           job.perform_now

data/lib/pgbus/client.rb

@@ -216,7 +216,7 @@ module Pgbus
 
     def purge_archive(queue_name, older_than:, batch_size: 1000)
       full_name = config.queue_name(queue_name)
-      sanitized = full_name.gsub(/[^a-zA-Z0-9_]/, "")
+      sanitized = QueueNameValidator.sanitize!(full_name)
       total = 0
 
       sql = "DELETE FROM pgmq.a_#{sanitized} " \

data/lib/pgbus/config_loader.rb

@@ -8,7 +8,7 @@ module Pgbus
     module_function
 
     def load(path, env: nil)
-      env ||= defined?(Rails) ? Rails.env : ENV.fetch("PGBUS_ENV", "development")
+      env ||= (defined?(Rails) && Rails.respond_to?(:env) && Rails.env) || ENV.fetch("PGBUS_ENV", "development")
       raw = File.read(path)
       parsed = YAML.safe_load(ERB.new(raw).result, permitted_classes: [Symbol], aliases: true)
       config_hash = parsed.fetch(env, parsed)

data/lib/pgbus/configuration.rb

@@ -36,7 +36,7 @@ module Pgbus
     attr_accessor :outbox_enabled, :outbox_poll_interval, :outbox_batch_size, :outbox_retention
 
     # Event bus
-    attr_accessor :idempotency_ttl
+    attr_accessor :idempotency_ttl, :allowed_global_id_models
 
     # Logging
     attr_accessor :logger
@@ -108,8 +108,9 @@ module Pgbus
       @outbox_retention = 24 * 3600 # 1 day
 
       @idempotency_ttl = 7 * 24 * 3600 # 7 days
+      @allowed_global_id_models = nil # nil = allow all (for backwards compat)
 
-      @logger = defined?(Rails) ? Rails.logger : Logger.new($stdout)
+      @logger = (defined?(Rails) && Rails.respond_to?(:logger) && Rails.logger) || Logger.new($stdout)
 
       @listen_notify = true
       @notify_throttle_ms = 250
@@ -138,7 +139,9 @@ module Pgbus
     end
 
     def queue_name(name)
-      "#{queue_prefix}_#{name}"
+      full = "#{queue_prefix}_#{name}"
+      QueueNameValidator.validate!(full)
+      full
     end
 
     def dead_letter_queue_name(name)

data/lib/pgbus/event_bus/handler.rb

@@ -36,7 +36,7 @@ module Pgbus
 
       def build_event(raw)
         payload = raw["payload"]
-        payload = GlobalID::Locator.locate(payload["_global_id"]) if payload.is_a?(Hash) && payload["_global_id"]
+        payload = Serializer.locate_global_id(payload["_global_id"]) if payload.is_a?(Hash) && payload["_global_id"]
 
         Event.new(
           event_id: raw["event_id"],

data/lib/pgbus/process/supervisor.rb

@@ -143,7 +143,7 @@ module Pgbus
         return true if config.recurring_tasks_file && File.exist?(config.recurring_tasks_file.to_s)
 
         # Check default location
-        if defined?(Rails)
+        if defined?(Rails) && Rails.respond_to?(:root) && Rails.root
           default_path = Rails.root.join("config", "recurring.yml")
           return File.exist?(default_path.to_s)
         end
@@ -155,7 +155,7 @@ module Pgbus
         return if config.recurring_tasks&.any?
 
         path = config.recurring_tasks_file
-        path ||= defined?(Rails) ? Rails.root.join("config", "recurring.yml") : nil
+        path ||= defined?(Rails) && Rails.respond_to?(:root) && Rails.root ? Rails.root.join("config", "recurring.yml") : nil
         return unless path && File.exist?(path.to_s)
 
         config.recurring_tasks = Recurring::ConfigLoader.load(path)
@@ -289,7 +289,7 @@ module Pgbus
       end
 
       def load_rails_app
-        return unless defined?(Rails)
+        return unless defined?(Rails) && Rails.respond_to?(:application) && Rails.application
 
         Rails.application.eager_load! if Rails.application.respond_to?(:eager_load!)
       end

data/lib/pgbus/process/worker.rb

@@ -66,12 +66,14 @@ module Pgbus
 
       def graceful_shutdown
         Pgbus.logger.info { "[Pgbus] Worker shutting down gracefully..." }
+        Pgbus.stopping = true
         @lifecycle.transition_to(:draining)
         @wake_signal.notify!
       end
 
       def immediate_shutdown
         Pgbus.logger.warn { "[Pgbus] Worker shutting down immediately!" }
+        Pgbus.stopping = true
         @lifecycle.transition_to!(:stopped)
         @wake_signal.notify!
         @pool.kill
@@ -210,6 +212,7 @@ module Pgbus
       def check_recycle
         return unless @lifecycle.running? && recycle_needed?
 
+        Pgbus.stopping = true
         @lifecycle.transition_to(:draining)
         @wake_signal.notify!
       end

data/lib/pgbus/queue_name_validator.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+module Pgbus
+  # Validates and sanitizes PGMQ queue names for safe use in SQL identifiers.
+  #
+  # PGMQ queue names are interpolated into SQL as table/sequence names
+  # (e.g., pgmq.q_<name>, pgmq.a_<name>). This module enforces strict
+  # validation to prevent SQL injection via crafted queue names.
+  module QueueNameValidator
+    # PostgreSQL identifier limit is 63 bytes (NAMEDATALEN - 1).
+    # PGMQ prefixes with "q_" or "a_" (2 chars), so limit the name itself.
+    MAX_QUEUE_NAME_LENGTH = 61
+
+    # Only alphanumeric characters and underscores are allowed.
+    VALID_QUEUE_NAME_PATTERN = /\A[a-zA-Z0-9_]+\z/
+
+    module_function
+
+    # Validates a queue name for safe SQL identifier use.
+    # Returns the name if valid, raises ArgumentError if not.
+    def validate!(name)
+      name = name.to_s
+      raise ArgumentError, "Queue name cannot be blank" if name.empty?
+      if name.length > MAX_QUEUE_NAME_LENGTH
+        raise ArgumentError,
+              "Queue name too long (#{name.length} chars, max #{MAX_QUEUE_NAME_LENGTH}): #{name.inspect}"
+      end
+
+      unless VALID_QUEUE_NAME_PATTERN.match?(name)
+        raise ArgumentError,
+              "Invalid queue name: #{name.inspect}. Only alphanumeric characters and underscores are allowed."
+      end
+
+      name
+    end
+
+    # Sanitizes a queue name by removing invalid characters, then validates.
+    # Use this for names from untrusted sources (e.g., URL params).
+    def sanitize!(name)
+      sanitized = name.to_s.gsub(/[^a-zA-Z0-9_]/, "")
+      validate!(sanitized)
+      sanitized
+    end
+  end
+end

data/lib/pgbus/recurring/config_loader.rb

@@ -24,7 +24,7 @@ module Pgbus
       end
 
       def detect_env
-        if defined?(Rails)
+        if defined?(Rails) && Rails.respond_to?(:env) && Rails.env
           Rails.env.to_s
         else
           ENV.fetch("PGBUS_ENV", "development")

data/lib/pgbus/serializer.rb

@@ -41,7 +41,7 @@ module Pgbus
       data = JSON.parse(json_string)
       payload = data["payload"]
 
-      data["payload"] = GlobalID::Locator.locate(payload["_global_id"]) if payload.is_a?(Hash) && payload["_global_id"]
+      data["payload"] = locate_global_id(payload["_global_id"]) if payload.is_a?(Hash) && payload["_global_id"]
 
       Event.new(
         event_id: data["event_id"],
@@ -49,5 +49,32 @@ module Pgbus
         published_at: Time.parse(data["published_at"])
       )
     end
+
+    # Locate a GlobalID with optional type restriction.
+    # When allowed_global_id_models is configured, only those model classes
+    # can be resolved — prevents loading arbitrary objects from crafted payloads.
+    def locate_global_id(gid_string)
+      gid = GlobalID.parse(gid_string)
+      raise ArgumentError, "Invalid GlobalID: #{gid_string.inspect}" unless gid
+
+      allowed = Pgbus.configuration.allowed_global_id_models
+      if allowed&.empty?
+        raise ArgumentError,
+              "GlobalID deserialization is disabled (allowed_global_id_models is empty). " \
+              "Set to nil to allow all models, or add permitted classes."
+      end
+      if allowed&.any? { |entry| !entry.is_a?(Class) && !entry.is_a?(Module) }
+        raise ArgumentError,
+              "allowed_global_id_models must contain Class/Module objects, " \
+              "got: #{allowed.map(&:class).uniq.join(", ")}"
+      end
+      if allowed&.none? { |klass| gid.model_class <= klass }
+        raise ArgumentError,
+              "GlobalID model #{gid.model_class} is not in allowed_global_id_models. " \
+              "Add it to Pgbus.configuration.allowed_global_id_models to permit deserialization."
+      end
+
+      GlobalID::Locator.locate(gid)
+    end
   end
 end

data/lib/pgbus/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Pgbus
-  VERSION = "0.2.2"
+  VERSION = "0.2.4"
 end

data/lib/pgbus/web/authentication.rb

@@ -9,16 +9,35 @@ module Pgbus
         before_action :authenticate_pgbus!
       end
 
+      class << self
+        attr_accessor :auth_warned
+      end
+
       private
 
       def authenticate_pgbus!
         auth_block = Pgbus.configuration.web_auth
-        return if auth_block.nil?
+
+        if auth_block.nil?
+          warn_unauthenticated_dashboard
+          return
+        end
 
         return if auth_block.respond_to?(:call) && auth_block.call(request)
 
         head :unauthorized
       end
+
+      def warn_unauthenticated_dashboard
+        return if Pgbus::Web::Authentication.auth_warned
+
+        Pgbus.logger.warn do
+          "[Pgbus] Dashboard is accessible without authentication. " \
+            "Configure Pgbus.configuration.web_auth to restrict access. " \
+            "See: https://github.com/mhenrixon/pgbus#dashboard-authentication"
+        end
+        Pgbus::Web::Authentication.auth_warned = true
+      end
     end
   end
 end

data/lib/pgbus/web/data_source.rb

@@ -662,10 +662,7 @@ module Pgbus
       end
 
       def sanitize_name(name)
-        sanitized = name.gsub(/[^a-zA-Z0-9_]/, "")
-        raise ArgumentError, "Invalid queue name: #{name.inspect}" if sanitized.empty?
-
-        sanitized
+        QueueNameValidator.sanitize!(name)
       end
 
       def compute_throughput(queues)

data/lib/pgbus.rb

@@ -13,6 +13,14 @@ module Pgbus
   class SchemaNotReady < Error; end
 
   class << self
+    # Process-global flag set by Worker#graceful_shutdown so the adapter
+    # can report stopping? to ActiveJob::Continuation (Rails 8.1+).
+    attr_writer :stopping
+
+    def stopping
+      @stopping || false
+    end
+
     def loader
       @loader ||= begin
         loader = Zeitwerk::Loader.for_gem

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pgbus
 version: !ruby/object:Gem::Version
-  version: 0.2.2
+  version: 0.2.4
 platform: ruby
 authors:
 - Mikael Henriksson
@@ -43,6 +43,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.11.1
+- !ruby/object:Gem::Dependency
+  name: globalid
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
 - !ruby/object:Gem::Dependency
   name: pgmq-ruby
   requirement: !ruby/object:Gem::Requirement
@@ -228,6 +242,7 @@ files:
 - lib/pgbus/process/wake_signal.rb
 - lib/pgbus/process/worker.rb
 - lib/pgbus/queue_factory.rb
+- lib/pgbus/queue_name_validator.rb
 - lib/pgbus/rate_counter.rb
 - lib/pgbus/recurring/already_recorded.rb
 - lib/pgbus/recurring/command_job.rb