railties 5.2.5 → 6.0.0.beta1

data/MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2004-2018 David Heinemeier Hansson
+Copyright (c) 2004-2019 David Heinemeier Hansson
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/RDOC_MAIN.rdoc

@@ -1,4 +1,6 @@
-== Welcome to \Rails
+= Welcome to \Rails
+
+== What's \Rails
 
 \Rails is a web-application framework that includes everything needed to
 create database-backed web applications according to the
@@ -6,43 +8,48 @@ create database-backed web applications according to the
 pattern.
 
 Understanding the MVC pattern is key to understanding \Rails. MVC divides your
-application into three layers, each with a specific responsibility.
+application into three layers: Model, View, and Controller, each with a specific responsibility.
+
+== Model layer
 
-The <em>Model layer</em> represents your domain model (such as Account, Product,
-Person, Post, etc.) and encapsulates the business logic that is specific to
+The <em><b>Model layer</b></em> represents the domain model (such as Account, Product,
+Person, Post, etc.) and encapsulates the business logic specific to
 your application. In \Rails, database-backed model classes are derived from
-ActiveRecord::Base. Active Record allows you to present the data from
+<tt>ActiveRecord::Base</tt>. {Active Record}[link:files/activerecord/README_rdoc.html] allows you to present the data from
 database rows as objects and embellish these data objects with business logic
-methods. You can read more about Active Record in its {README}[link:files/activerecord/README_rdoc.html].
-Although most \Rails models are backed by a database, models can also be ordinary
+methods. Although most \Rails models are backed by a database, models can also be ordinary
 Ruby classes, or Ruby classes that implement a set of interfaces as provided by
-the Active Model module. You can read more about Active Model in its {README}[link:files/activemodel/README_rdoc.html].
+the {Active Model}[link:files/activemodel/README_rdoc.html] module.
 
-The <em>Controller layer</em> is responsible for handling incoming HTTP requests and
+== Controller layer
+
+The <em><b>Controller layer</b></em> is responsible for handling incoming HTTP requests and
 providing a suitable response. Usually this means returning \HTML, but \Rails controllers
 can also generate XML, JSON, PDFs, mobile-specific views, and more. Controllers load and
 manipulate models, and render view templates in order to generate the appropriate HTTP response.
 In \Rails, incoming requests are routed by Action Dispatch to an appropriate controller, and
-controller classes are derived from ActionController::Base. Action Dispatch and Action Controller
-are bundled together in Action Pack. You can read more about Action Pack in its
-{README}[link:files/actionpack/README_rdoc.html].
+controller classes are derived from <tt>ActionController::Base</tt>. Action Dispatch and Action Controller
+are bundled together in {Action Pack}[link:files/actionpack/README_rdoc.html].
+
+== View layer
 
-The <em>View layer</em> is composed of "templates" that are responsible for providing
+The <em><b>View layer</b></em> is composed of "templates" that are responsible for providing
 appropriate representations of your application's resources. Templates can
 come in a variety of formats, but most view templates are \HTML with embedded
 Ruby code (ERB files). Views are typically rendered to generate a controller response,
-or to generate the body of an email. In \Rails, View generation is handled by Action View.
-You can read more about Action View in its {README}[link:files/actionview/README_rdoc.html].
-
-Active Record, Active Model, Action Pack, and Action View can each be used independently outside \Rails.
-In addition to that, \Rails also comes with Action Mailer ({README}[link:files/actionmailer/README_rdoc.html]), a library
-to generate and send emails; Active Job ({README}[link:files/activejob/README_md.html]), a
-framework for declaring jobs and making them run on a variety of queueing
-backends; Action Cable ({README}[link:files/actioncable/README_md.html]), a framework to
-integrate WebSockets with a \Rails application;
-Active Storage ({README}[link:files/activestorage/README_md.html]), a library to attach cloud
-and local files to \Rails applications;
-and Active Support ({README}[link:files/activesupport/README_rdoc.html]), a collection
+or to generate the body of an email. In \Rails, View generation is handled by {Action View}[link:files/actionview/README_rdoc.html].
+
+== Frameworks and libraries
+
+{Active Record}[link:files/activerecord/README_rdoc.html], {Active Model}[link:files/activemodel/README_rdoc.html],
+{Action Pack}[link:files/actionpack/README_rdoc.html], and {Action View}[link:files/actionview/README_rdoc.html] can each be used independently outside \Rails.
+In addition to that, \Rails also comes with {Action Mailer}[link:files/actionmailer/README_rdoc.html], a library
+to generate and send emails; {Action Mailbox}[link:files/actionmailbox/README_md.html], a library to receive emails within a Rails application;
+{Active Job}[link:files/activejob/README_md.html], a framework for declaring jobs and making them run on a variety of queueing
+backends; {Action Cable}[link:files/actioncable/README_md.html], a framework to
+integrate WebSockets with a \Rails application; {Active Storage}[link:files/activestorage/README_md.html],
+a library to attach cloud and local files to \Rails applications; {Action Text}[link:files/actiontext/README_md.html], a library to handle rich text content;
+and {Active Support}[link:files/activesupport/README_rdoc.html], a collection
 of utility classes and standard library extensions that are useful for \Rails,
 and may also be used independently outside \Rails.
 
@@ -70,15 +77,15 @@ and may also be used independently outside \Rails.
 5. Follow the guidelines to start developing your application. You may find the following resources handy:
 
    * The \README file created within your application.
-   * {Getting Started with \Rails}[http://guides.rubyonrails.org/getting_started.html].
-   * {Ruby on \Rails Guides}[http://guides.rubyonrails.org].
+   * {Getting Started with \Rails}[https://guides.rubyonrails.org/getting_started.html].
+   * {Ruby on \Rails Guides}[https://guides.rubyonrails.org].
    * {The API Documentation}[http://api.rubyonrails.org].
    * {Ruby on \Rails Tutorial}[https://www.railstutorial.org/book].
 
 == Contributing
 
 We encourage you to contribute to Ruby on \Rails! Please check out the
-{Contributing to Ruby on \Rails guide}[http://guides.rubyonrails.org/contributing_to_ruby_on_rails.html] for guidelines about how to proceed. {Join us!}[http://contributors.rubyonrails.org]
+{Contributing to Ruby on \Rails guide}[https://guides.rubyonrails.org/contributing_to_ruby_on_rails.html] for guidelines about how to proceed. {Join us!}[http://contributors.rubyonrails.org]
 
 Trying to report a possible security vulnerability in \Rails? Please
 check out our {security policy}[http://rubyonrails.org/security/] for

data/README.rdoc

@@ -17,7 +17,7 @@ The latest version of Railties can be installed with RubyGems:
 
 Source code can be downloaded as part of the Rails project on GitHub
 
-* https://github.com/rails/rails/tree/5-2-stable/railties
+* https://github.com/rails/rails/tree/master/railties
 
 == License
 

data/lib/minitest/rails_plugin.rb

@@ -43,18 +43,14 @@ module Minitest
       Minitest.backtrace_filter = ::Rails.backtrace_cleaner if ::Rails.respond_to?(:backtrace_cleaner)
     end
 
-    self.plugin_rails_replace_reporters(reporter, options)
-  end
-
-  def self.plugin_rails_replace_reporters(minitest_reporter, options)
-    return unless minitest_reporter.kind_of?(Minitest::CompositeReporter)
+    # Suppress summary reports when outputting inline rerun snippets.
+    if reporter.reporters.reject! { |reporter| reporter.kind_of?(SummaryReporter) }
+      reporter << SuppressedSummaryReporter.new(options[:io], options)
+    end
 
     # Replace progress reporter for colors.
-    if minitest_reporter.reporters.reject! { |reporter| reporter.kind_of?(SummaryReporter) } != nil
-      minitest_reporter << SuppressedSummaryReporter.new(options[:io], options)
-    end
-    if minitest_reporter.reporters.reject! { |reporter| reporter.kind_of?(ProgressReporter) } != nil
-      minitest_reporter << ::Rails::TestUnitReporter.new(options[:io], options)
+    if reporter.reporters.reject! { |reporter| reporter.kind_of?(ProgressReporter) }
+      reporter << ::Rails::TestUnitReporter.new(options[:io], options)
     end
   end
 

data/lib/rails/all.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+# rubocop:disable Style/RedundantBegin
+
 require "rails"
 
 %w(
@@ -10,6 +12,8 @@ require "rails"
   action_mailer/railtie
   active_job/railtie
   action_cable/engine
+  action_mailbox/engine
+  action_text/engine
   rails/test_unit/railtie
   sprockets/railtie
 ).each do |railtie|

data/lib/rails/api/generator.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require "sdoc"
+require "active_support/core_ext/array/extract"
 
 class RDoc::Generator::API < RDoc::Generator::SDoc # :nodoc:
   RDoc::RDoc.add_generator self
@@ -11,7 +12,7 @@ class RDoc::Generator::API < RDoc::Generator::SDoc # :nodoc:
     # since they aren't nested under a definition of the `ActiveStorage` module.
     if visited.empty?
       classes = classes.reject { |klass| active_storage?(klass) }
-      core_exts, classes = classes.partition { |klass| core_extension?(klass) }
+      core_exts = classes.extract! { |klass| core_extension?(klass) }
 
       super.unshift([ "Core extensions", "", "", build_core_ext_subtree(core_exts, visited) ])
     else

data/lib/rails/api/task.rb

@@ -74,6 +74,22 @@ module Rails
           )
         },
 
+        "actionmailbox" => {
+          include: %w(
+            README.md
+            app/**/action_mailbox/**/*.rb
+            lib/action_mailbox/**/*.rb
+          )
+        },
+
+        "actiontext" => {
+          include: %w(
+            README.md
+            app/**/action_text/**/*.rb
+            lib/action_text/**/*.rb
+          )
+        },
+
         "railties" => {
           include: %w(
             README.rdoc

data/lib/rails/app_loader.rb

@@ -49,7 +49,7 @@ EOS
         if exe = find_executable
           contents = File.read(exe)
 
-          if contents =~ /(APP|ENGINE)_PATH/
+          if /(APP|ENGINE)_PATH/.match?(contents)
             exec RUBY, exe, *ARGV
             break # non reachable, hack to be able to stub exec in the test suite
           elsif exe.end_with?("bin/rails") && contents.include?("This file was generated by Bundler")

data/lib/rails/app_updater.rb

@@ -21,12 +21,14 @@ module Rails
       private
         def generator_options
           options = { api: !!Rails.application.config.api_only, update: true }
+          options[:skip_javascript] = !File.exist?(Rails.root.join("bin", "yarn"))
           options[:skip_active_record]  = !defined?(ActiveRecord::Railtie)
-          options[:skip_active_storage] = !defined?(ActiveRecord::Railtie)
+          options[:skip_active_storage] = !defined?(ActiveStorage::Engine) || !defined?(ActiveRecord::Railtie)
           options[:skip_action_mailer]  = !defined?(ActionMailer::Railtie)
           options[:skip_action_cable]   = !defined?(ActionCable::Engine)
           options[:skip_sprockets]      = !defined?(Sprockets::Railtie)
           options[:skip_puma]           = !defined?(Puma)
+          options[:skip_bootsnap]       = !defined?(Bootsnap)
           options[:skip_spring]         = !defined?(Spring)
           options
         end

data/lib/rails/application.rb

@@ -172,14 +172,9 @@ module Rails
     def key_generator
       # number of iterations selected based on consultation with the google security
       # team. Details at https://github.com/rails/rails/pull/6952#issuecomment-7661220
-      @caching_key_generator ||=
-        if secret_key_base
-          ActiveSupport::CachingKeyGenerator.new(
-            ActiveSupport::KeyGenerator.new(secret_key_base, iterations: 1000)
-          )
-        else
-          ActiveSupport::LegacyKeyGenerator.new(secrets.secret_token)
-        end
+      @caching_key_generator ||= ActiveSupport::CachingKeyGenerator.new(
+        ActiveSupport::KeyGenerator.new(secret_key_base, iterations: 1000)
+      )
     end
 
     # Returns a message verifier object.
@@ -232,7 +227,12 @@ module Rails
 
       if yaml.exist?
         require "erb"
-        (YAML.load(ERB.new(yaml.read).result) || {})[env] || {}
+        config = YAML.load(ERB.new(yaml.read).result) || {}
+        config = (config["shared"] || {}).merge(config[env] || {})
+
+        ActiveSupport::OrderedOptions.new.tap do |config_as_ordered_options|
+          config_as_ordered_options.update(config.deep_symbolize_keys)
+        end
       else
         raise "Could not load configuration. No such file - #{yaml}"
       end
@@ -249,7 +249,6 @@ module Rails
         super.merge(
           "action_dispatch.parameter_filter" => config.filter_parameters,
           "action_dispatch.redirect_filter" => config.filter_redirect,
-          "action_dispatch.secret_token" => secrets.secret_token,
           "action_dispatch.secret_key_base" => secret_key_base,
           "action_dispatch.show_exceptions" => config.action_dispatch.show_exceptions,
           "action_dispatch.show_detailed_exceptions" => config.consider_all_requests_local,
@@ -267,6 +266,7 @@ module Rails
           "action_dispatch.cookies_serializer" => config.action_dispatch.cookies_serializer,
           "action_dispatch.cookies_digest" => config.action_dispatch.cookies_digest,
           "action_dispatch.cookies_rotations" => config.action_dispatch.cookies_rotations,
+          "action_dispatch.use_cookies_with_metadata" => config.action_dispatch.use_cookies_with_metadata,
           "action_dispatch.content_security_policy" => config.content_security_policy,
           "action_dispatch.content_security_policy_report_only" => config.content_security_policy_report_only,
           "action_dispatch.content_security_policy_nonce_generator" => config.content_security_policy_nonce_generator
@@ -373,9 +373,7 @@ module Rails
       @config ||= Application::Configuration.new(self.class.find_root(self.class.called_from))
     end
 
-    def config=(configuration) #:nodoc:
-      @config = configuration
-    end
+    attr_writer :config
 
     # Returns secrets added to config/secrets.yml.
     #
@@ -400,22 +398,12 @@ module Rails
 
         # Fallback to config.secret_key_base if secrets.secret_key_base isn't set
         secrets.secret_key_base ||= config.secret_key_base
-        # Fallback to config.secret_token if secrets.secret_token isn't set
-        secrets.secret_token ||= config.secret_token
-
-        if secrets.secret_token.present?
-          ActiveSupport::Deprecation.warn(
-            "`secrets.secret_token` is deprecated in favor of `secret_key_base` and will be removed in Rails 6.0."
-          )
-        end
 
         secrets
       end
     end
 
-    def secrets=(secrets) #:nodoc:
-      @secrets = secrets
-    end
+    attr_writer :secrets
 
     # The secret_key_base is used as the input secret to the application's key generator, which in turn
     # is used to create all MessageVerifiers/MessageEncryptors, including the ones that sign and encrypt cookies.
@@ -426,8 +414,8 @@ module Rails
     # then credentials.secret_key_base, and finally secrets.secret_key_base. For most applications,
     # the correct place to store it is in the encrypted credentials file.
     def secret_key_base
-      if Rails.env.development? || Rails.env.test?
-        secrets.secret_key_base ||= generate_development_secret
+      if Rails.env.test? || Rails.env.development?
+        secrets.secret_key_base || Digest::MD5.hexdigest(self.class.name)
       else
         validate_secret_key_base(
           ENV["SECRET_KEY_BASE"] || credentials.secret_key_base || secrets.secret_key_base
@@ -438,13 +426,17 @@ module Rails
     # Decrypts the credentials hash as kept in +config/credentials.yml.enc+. This file is encrypted with
     # the Rails master key, which is either taken from <tt>ENV["RAILS_MASTER_KEY"]</tt> or from loading
     # +config/master.key+.
+    # If specific credentials file exists for current environment, it takes precedence, thus for +production+
+    # environment look first for +config/credentials/production.yml.enc+ with master key taken
+    # from <tt>ENV["RAILS_MASTER_KEY"]</tt> or from loading +config/credentials/production.key+.
+    # Default behavior can be overwritten by setting +config.credentials.content_path+ and +config.credentials.key_path+.
     def credentials
-      @credentials ||= encrypted("config/credentials.yml.enc")
+      @credentials ||= encrypted(config.credentials.content_path, key_path: config.credentials.key_path)
     end
 
     # Shorthand to decrypt any encrypted configurations or files.
     #
-    # For any file added with <tt>bin/rails encrypted:edit</tt> call +read+ to decrypt
+    # For any file added with <tt>rails encrypted:edit</tt> call +read+ to decrypt
     # the file with the master key.
     # The master key is either stored in +config/master.key+ or <tt>ENV["RAILS_MASTER_KEY"]</tt>.
     #
@@ -581,29 +573,13 @@ module Rails
         secret_key_base
       elsif secret_key_base
         raise ArgumentError, "`secret_key_base` for #{Rails.env} environment must be a type of String`"
-      elsif secrets.secret_token.blank?
+      else
         raise ArgumentError, "Missing `secret_key_base` for '#{Rails.env}' environment, set this string with `rails credentials:edit`"
       end
     end
 
     private
 
-      def generate_development_secret
-        if secrets.secret_key_base.nil?
-          key_file = Rails.root.join("tmp/development_secret.txt")
-
-          if !File.exist?(key_file)
-            random_key = SecureRandom.hex(64)
-            FileUtils.mkdir_p(key_file.dirname)
-            File.binwrite(key_file, random_key)
-          end
-
-          secrets.secret_key_base = File.binread(key_file)
-        end
-
-        secrets.secret_key_base
-      end
-
       def build_request(env)
         req = super
         env["ORIGINAL_FULLPATH"] = req.fullpath

data/lib/rails/application/configuration.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require "ipaddr"
 require "active_support/core_ext/kernel/reporting"
 require "active_support/file_update_checker"
 require "rails/engine/configuration"
@@ -11,13 +12,13 @@ module Rails
       attr_accessor :allow_concurrency, :asset_host, :autoflush_log,
                     :cache_classes, :cache_store, :consider_all_requests_local, :console,
                     :eager_load, :exceptions_app, :file_watcher, :filter_parameters,
-                    :force_ssl, :helpers_paths, :logger, :log_formatter, :log_tags,
-                    :railties_order, :relative_url_root, :secret_key_base, :secret_token,
+                    :force_ssl, :helpers_paths, :hosts, :logger, :log_formatter, :log_tags,
+                    :railties_order, :relative_url_root, :secret_key_base,
                     :ssl_options, :public_file_server,
                     :session_options, :time_zone, :reload_classes_only_on_change,
                     :beginning_of_week, :filter_redirect, :x, :enable_dependency_loading,
                     :read_encrypted_secrets, :log_level, :content_security_policy_report_only,
-                    :content_security_policy_nonce_generator, :require_master_key
+                    :content_security_policy_nonce_generator, :require_master_key, :credentials
 
       attr_reader :encoding, :api_only, :loaded_config_version
 
@@ -29,6 +30,7 @@ module Rails
         @filter_parameters                       = []
         @filter_redirect                         = []
         @helpers_paths                           = []
+        @hosts                                   = Array(([IPAddr.new("0.0.0.0/0"), IPAddr.new("::/0"), "localhost"] if Rails.env.development?))
         @public_file_server                      = ActiveSupport::OrderedOptions.new
         @public_file_server.enabled              = true
         @public_file_server.index_name           = "index"
@@ -48,7 +50,6 @@ module Rails
         @autoflush_log                           = true
         @log_formatter                           = ActiveSupport::Logger::SimpleFormatter.new
         @eager_load                              = nil
-        @secret_token                            = nil
         @secret_key_base                         = nil
         @api_only                                = false
         @debug_exception_response_format         = nil
@@ -60,6 +61,9 @@ module Rails
         @content_security_policy_nonce_generator = nil
         @require_master_key                      = false
         @loaded_config_version                   = nil
+        @credentials                             = ActiveSupport::OrderedOptions.new
+        @credentials.content_path                = default_credentials_content_path
+        @credentials.key_path                    = default_credentials_key_path
       end
 
       def load_defaults(target_version)
@@ -92,10 +96,6 @@ module Rails
 
           if respond_to?(:active_record)
             active_record.cache_versioning = true
-            # Remove the temporary load hook from SQLite3Adapter when this is removed
-            ActiveSupport.on_load(:active_record_sqlite3adapter) do
-              ActiveRecord::ConnectionAdapters::SQLite3Adapter.represent_boolean_as_integer = true
-            end
           end
 
           if respond_to?(:action_dispatch)
@@ -114,6 +114,29 @@ module Rails
           if respond_to?(:action_view)
             action_view.form_with_generates_ids = true
           end
+        when "6.0"
+          load_defaults "5.2"
+
+          if respond_to?(:action_view)
+            action_view.default_enforce_utf8 = false
+          end
+
+          if respond_to?(:action_dispatch)
+            action_dispatch.use_cookies_with_metadata = true
+          end
+
+          if respond_to?(:action_mailer)
+            action_mailer.delivery_job = "ActionMailer::MailDeliveryJob"
+          end
+
+          if respond_to?(:active_job)
+            active_job.return_false_on_aborted_enqueue = true
+          end
+
+          if respond_to?(:active_storage)
+            active_storage.queues.analysis = :active_storage_analysis
+            active_storage.queues.purge    = :active_storage_purge
+          end
         else
           raise "Unknown version #{target_version.to_s.inspect}"
         end
@@ -140,9 +163,7 @@ module Rails
         @debug_exception_response_format || :default
       end
 
-      def debug_exception_response_format=(value)
-        @debug_exception_response_format = value
-      end
+      attr_writer :debug_exception_response_format
 
       def paths
         @paths ||= begin
@@ -235,7 +256,7 @@ module Rails
       end
 
       def annotations
-        SourceAnnotationExtractor::Annotation
+        Rails::SourceAnnotationExtractor::Annotation
       end
 
       def content_security_policy(&block)
@@ -265,6 +286,27 @@ module Rails
           true
         end
       end
+
+      private
+        def default_credentials_content_path
+          if credentials_available_for_current_env?
+            root.join("config", "credentials", "#{Rails.env}.yml.enc")
+          else
+            root.join("config", "credentials.yml.enc")
+          end
+        end
+
+        def default_credentials_key_path
+          if credentials_available_for_current_env?
+            root.join("config", "credentials", "#{Rails.env}.key")
+          else
+            root.join("config", "master.key")
+          end
+        end
+
+        def credentials_available_for_current_env?
+          File.exist?(root.join("config", "credentials", "#{Rails.env}.yml.enc"))
+        end
     end
   end
 end