railties 7.0.8 → 7.1.0.rc1

data/lib/rails/command.rb

@@ -3,6 +3,7 @@
 require "active_support"
 require "active_support/core_ext/enumerable"
 require "active_support/core_ext/object/blank"
+require "rails/deprecator"
 
 require "thor"
 
@@ -13,9 +14,40 @@ module Rails
     autoload :Behavior
     autoload :Base
 
+    class CorrectableNameError < StandardError # :nodoc:
+      attr_reader :name
+
+      def initialize(message, name, alternatives)
+        @name = name
+        @alternatives = alternatives
+        super(message)
+      end
+
+      if !Exception.method_defined?(:detailed_message)
+        def detailed_message(...)
+          message
+        end
+      end
+
+      if defined?(DidYouMean::Correctable) && defined?(DidYouMean::SpellChecker)
+        include DidYouMean::Correctable
+
+        def corrections
+          @corrections ||= DidYouMean::SpellChecker.new(dictionary: @alternatives).correct(name)
+        end
+      end
+    end
+
+    class UnrecognizedCommandError < CorrectableNameError # :nodoc:
+      def initialize(name)
+        super("Unrecognized command #{name.inspect}", name, Command.printing_commands.map(&:first))
+      end
+    end
+
     include Behavior
 
-    HELP_MAPPINGS = %w(-h -? --help)
+    HELP_MAPPINGS = %w(-h -? --help).to_set
+    VERSION_MAPPINGS = %w(-v --version).to_set
 
     class << self
       def hidden_commands # :nodoc:
@@ -28,30 +60,26 @@ module Rails
 
       # Receives a namespace, arguments, and the behavior to invoke the command.
       def invoke(full_namespace, args = [], **config)
-        namespace = full_namespace = full_namespace.to_s
-
-        if char = namespace =~ /:(\w+)$/
-          command_name, namespace = $1, namespace.slice(0, char)
-        else
-          command_name = namespace
-        end
-
-        command_name, namespace = "help", "help" if command_name.blank? || HELP_MAPPINGS.include?(command_name)
-        command_name, namespace, args = "application", "application", ["--help"] if rails_new_with_no_path?(args)
-        command_name, namespace = "version", "version" if %w( -v --version ).include?(command_name)
-
-        original_argv = ARGV.dup
-        ARGV.replace(args)
+        args = ["--help"] if rails_new_with_no_path?(args)
 
+        full_namespace = full_namespace.to_s
+        namespace, command_name = split_namespace(full_namespace)
         command = find_by_namespace(namespace, command_name)
-        if command && command.all_commands[command_name]
-          command.perform(command_name, args, config)
+
+        with_argv(args) do
+          if command && command.all_commands[command_name]
+            command.perform(command_name, args, config)
+          else
+            invoke_rake(full_namespace, args, config)
+          end
+        end
+      rescue UnrecognizedCommandError => error
+        if error.name == full_namespace && command && command_name == full_namespace
+          command.perform("help", [], config)
         else
-          args = ["--describe", full_namespace] if HELP_MAPPINGS.include?(args[0])
-          find_by_namespace("rake").perform(full_namespace, args, config)
+          puts error.detailed_message
         end
-      ensure
-        ARGV.replace(original_argv)
+        exit(1)
       end
 
       # Rails finds namespaces similar to Thor, it only adds one rule:
@@ -76,33 +104,56 @@ module Rails
         namespaces[(lookups & namespaces.keys).first]
       end
 
-      # Returns the root of the Rails engine or app running the command.
+      # Returns the root of the \Rails engine or app running the command.
       def root
         if defined?(ENGINE_ROOT)
           Pathname.new(ENGINE_ROOT)
-        elsif defined?(APP_PATH)
-          Pathname.new(File.expand_path("../..", APP_PATH))
+        else
+          application_root
         end
       end
 
-      def print_commands # :nodoc:
-        commands.each { |command| puts("  #{command}") }
+      def application_root # :nodoc:
+        Pathname.new(File.expand_path("../..", APP_PATH)) if defined?(APP_PATH)
       end
 
-      private
-        COMMANDS_IN_USAGE = %w(generate console server test test:system dbconsole new)
-        private_constant :COMMANDS_IN_USAGE
+      def printing_commands # :nodoc:
+        lookup!
+
+        (subclasses - hidden_commands).flat_map(&:printing_commands)
+      end
 
+      private
         def rails_new_with_no_path?(args)
           args == ["new"]
         end
 
-        def commands
-          lookup!
+        def split_namespace(namespace)
+          case namespace
+          when /^(.+):(\w+)$/
+            [$1, $2]
+          when ""
+            ["help", "help"]
+          when HELP_MAPPINGS, "help"
+            ["help", "help_extended"]
+          when VERSION_MAPPINGS
+            ["version", "version"]
+          else
+            [namespace, namespace]
+          end
+        end
 
-          visible_commands = (subclasses - hidden_commands).flat_map(&:printing_commands)
+        def with_argv(argv)
+          original_argv = ARGV.dup
+          ARGV.replace(argv)
+          yield
+        ensure
+          ARGV.replace(original_argv)
+        end
 
-          (visible_commands - COMMANDS_IN_USAGE).sort
+        def invoke_rake(task, args, config)
+          args = ["--describe", task] if HELP_MAPPINGS.include?(args[0])
+          find_by_namespace("rake").perform(task, args, config)
         end
 
         def command_type # :doc:

data/lib/rails/commands/about/about_command.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module Rails
+  module Command
+    class AboutCommand < Base # :nodoc:
+      desc "about", "List versions of all Rails frameworks and the environment"
+      def perform
+        boot_application!
+
+        say Rails::Info
+      end
+    end
+  end
+end

data/lib/rails/commands/application/application_command.rb

@@ -18,6 +18,8 @@ module Rails
     class ApplicationCommand < Base # :nodoc:
       hide_command!
 
+      self.bin = "rails"
+
       def help
         perform # Punt help output to the generator.
       end

data/lib/rails/commands/console/console_command.rb

@@ -1,8 +1,5 @@
 # frozen_string_literal: true
 
-require "irb"
-require "irb/completion"
-
 require "rails/command/environment_argument"
 
 module Rails
@@ -34,19 +31,26 @@ module Rails
 
       app.load_console
 
-      @console = app.config.console || IRB
+      @console = app.config.console || begin
+        require "irb"
+        require "irb/completion"
 
-      if @console == IRB
         IRB::WorkSpace.prepend(BacktraceCleaner)
 
-        if Rails.env.production?
+        if !Rails.env.local?
           ENV["IRB_USE_AUTOCOMPLETE"] ||= "false"
         end
+
+        IRB
       end
     end
 
     def sandbox?
-      options[:sandbox]
+      return options[:sandbox] if !options[:sandbox].nil?
+
+      return false if Rails.env.local?
+
+      app.config.sandbox_by_default
     end
 
     def environment
@@ -79,7 +83,7 @@ module Rails
     class ConsoleCommand < Base # :nodoc:
       include EnvironmentArgument
 
-      class_option :sandbox, aliases: "-s", type: :boolean, default: false,
+      class_option :sandbox, aliases: "-s", type: :boolean, default: nil,
         desc: "Rollback database modifications on exit."
 
       def initialize(args = [], local_options = {}, config = {})
@@ -96,13 +100,9 @@ module Rails
         super(args, local_options, config)
       end
 
+      desc "console", "Start the Rails console"
       def perform
-        extract_environment_option_from_argument
-
-        # RAILS_ENV needs to be set before config/application is required.
-        ENV["RAILS_ENV"] = options[:environment]
-
-        require_application_and_environment!
+        boot_application!
         Rails::Console.start(Rails.application, options)
       end
     end

data/lib/rails/commands/credentials/USAGE

@@ -1,75 +1,73 @@
-=== Storing Encrypted Credentials in Source Control
+Description:
+    The Rails `credentials` commands provide access to encrypted credentials,
+    so you can safely store access tokens, database passwords, and the like
+    safely inside the app without relying on a mess of ENVs.
 
-The Rails `credentials` commands provide access to encrypted credentials,
-so you can safely store access tokens, database passwords, and the like
-safely inside the app without relying on a mess of ENVs.
+    This also allows for atomic deploys: no need to coordinate key changes
+    to get everything working as the keys are shipped with the code.
 
-This also allows for atomic deploys: no need to coordinate key changes
-to get everything working as the keys are shipped with the code.
+Setup:
+    Applications after Rails 5.2 automatically have a basic credentials file generated
+    that just contains the secret_key_base used by MessageVerifiers/MessageEncryptors, like the ones
+    signing and encrypting cookies.
 
-=== Setup
+    For applications created prior to Rails 5.2, we'll automatically generate a new
+    credentials file in `config/credentials.yml.enc` the first time you run `<%= executable(:edit) %>`.
+    If you didn't have a master key saved in `config/master.key`, that'll be created too.
 
-Applications after Rails 5.2 automatically have a basic credentials file generated
-that just contains the secret_key_base used by MessageVerifiers/MessageEncryptors, like the ones
-signing and encrypting cookies.
+    Don't lose this master key! Put it in a password manager your team can access.
+    Should you lose it no one, including you, will be able to access any encrypted
+    credentials.
 
-For applications created prior to Rails 5.2, we'll automatically generate a new
-credentials file in `config/credentials.yml.enc` the first time you run `bin/rails credentials:edit`.
-If you didn't have a master key saved in `config/master.key`, that'll be created too.
+    Don't commit the key! Add `config/master.key` to your source control's
+    ignore file. If you use Git, Rails handles this for you.
 
-Don't lose this master key! Put it in a password manager your team can access.
-Should you lose it no one, including you, will be able to access any encrypted
-credentials.
+    Rails also looks for the master key in `ENV["RAILS_MASTER_KEY"]`, in case that
+    is easier to manage. You could set `RAILS_MASTER_KEY` in a deployment
+    configuration, or you could prepend it to your server's start command like so:
 
-Don't commit the key! Add `config/master.key` to your source control's
-ignore file. If you use Git, Rails handles this for you.
+        RAILS_MASTER_KEY="very-secret-and-secure" server.start
 
-Rails also looks for the master key in `ENV["RAILS_MASTER_KEY"]`, if that's easier to manage.
+    If `ENV["RAILS_MASTER_KEY"]` is present, it takes precedence over
+    `config/master.key`.
 
-You could prepend that to your server's start command like this:
+Set up Git to Diff Credentials:
+    Rails provides `<%= executable(:diff) %> --enroll` to instruct Git to call
+    `<%= executable(:diff) %>` when `git diff` is run on a credentials file.
 
-   RAILS_MASTER_KEY="very-secret-and-secure" server.start
+    Running the command enrolls the project such that all credentials files use the
+    "rails_credentials" diff driver in .gitattributes.
 
-=== Set up Git to Diff Credentials
+    Additionally since Git requires the driver itself to be set up in a config file
+    that isn't tracked Rails automatically ensures it's configured when running
+    `<%= executable(:edit) %>`.
 
-Rails provides `bin/rails credentials:diff --enroll` to instruct Git to call
-`bin/rails credentials:diff` when `git diff` is run on a credentials file.
+    Otherwise each co-worker would have to run enable manually, including on each new
+    repo clone.
 
-Running the command enrolls the project such that all credentials files use the
-"rails_credentials" diff driver in .gitattributes.
+    To disenroll from this feature, run `<%= executable(:diff) %> --disenroll`.
 
-Additionally since Git requires the driver itself to be set up in a config file
-that isn't tracked Rails automatically ensures it's configured when running
-`credentials:edit`.
+Editing Credentials:
+    This will open a temporary file in `$VISUAL` or `$EDITOR` with the decrypted
+    contents to edit the encrypted credentials.
 
-Otherwise each co-worker would have to run enable manually, including on each new
-repo clone.
+    When the temporary file is next saved the contents are encrypted and written to
+    `config/credentials.yml.enc` while the file itself is destroyed to prevent credentials
+    from leaking.
 
-To disenroll from this feature, run `bin/rails credentials:diff --disenroll`.
+Environment Specific Credentials:
+    The `credentials` command supports passing an `--environment` option to create an
+    environment specific override. That override will take precedence over the
+    global `config/credentials.yml.enc` file when running in that environment. So:
 
-=== Editing Credentials
+        <%= executable(:edit) %> --environment development
 
-This will open a temporary file in `$EDITOR` with the decrypted contents to edit
-the encrypted credentials.
+    will create `config/credentials/development.yml.enc` with the corresponding
+    encryption key in `config/credentials/development.key` if the credentials file
+    doesn't exist.
 
-When the temporary file is next saved the contents are encrypted and written to
-`config/credentials.yml.enc` while the file itself is destroyed to prevent credentials
-from leaking.
+    In addition to that, the default credentials lookup paths can be overridden through
+    `config.credentials.content_path` and `config.credentials.key_path`.
 
-=== Environment Specific Credentials
-
-The `credentials` command supports passing an `--environment` option to create an
-environment specific override. That override will take precedence over the
-global `config/credentials.yml.enc` file when running in that environment. So:
-
-   bin/rails credentials:edit --environment development
-
-will create `config/credentials/development.yml.enc` with the corresponding
-encryption key in `config/credentials/development.key` if the credentials file
-doesn't exist.
-
-The encryption key can also be put in `ENV["RAILS_MASTER_KEY"]`, which takes
-precedence over the file encryption key.
-
-In addition to that, the default credentials lookup paths can be overridden through
-`config.credentials.content_path` and `config.credentials.key_path`.
+    Just as with `config/master.key`, `ENV["RAILS_MASTER_KEY"]` takes precedence
+    over any environment specific or specially configured key files.

data/lib/rails/commands/credentials/credentials_command/diffing.rb

@@ -13,7 +13,8 @@ module Rails::Command::CredentialsCommand::Diffing # :nodoc:
       gitattributes.write(GITATTRIBUTES_ENTRY, mode: "a")
 
       say "Enrolled project in credentials file diffing!"
-      say "Rails ensures the rails_credentials diff driver is set when running `credentials:edit`. See `credentials:help` for more."
+      say ""
+      say "Rails will configure the Git diff driver for credentials when running `#{executable(:edit)}`. See `#{executable(:help)}` for more information."
     end
   end
 
@@ -42,10 +43,11 @@ module Rails::Command::CredentialsCommand::Diffing # :nodoc:
     end
 
     def configure_diffing_driver
-      system "git config diff.rails_credentials.textconv 'bin/rails credentials:diff'"
+      system "git config diff.rails_credentials.textconv '#{executable(:diff)}'"
+      say "Configured Git diff driver for credentials."
     end
 
     def gitattributes
-      Rails.root.join(".gitattributes")
+      @gitattributes ||= (Rails::Command.root || Pathname.pwd).join(".gitattributes")
     end
 end

data/lib/rails/commands/credentials/credentials_command.rb

@@ -1,7 +1,6 @@
 # frozen_string_literal: true
 
 require "pathname"
-require "shellwords"
 require "active_support"
 require "rails/command/helpers/editor"
 require "rails/command/environment_argument"
@@ -15,56 +14,42 @@ module Rails
       require_relative "credentials_command/diffing"
       include Diffing
 
-      self.environment_desc = "Uses credentials from config/credentials/:environment.yml.enc encrypted by config/credentials/:environment.key key"
-
-      no_commands do
-        def help
-          say "Usage:\n  #{self.class.banner}"
-          say ""
-          say self.class.desc
-        end
-      end
-
+      desc "edit", "Open the decrypted credentials in `$VISUAL` or `$EDITOR` for editing"
       def edit
-        extract_environment_option_from_argument(default_environment: nil)
-        require_application!
+        load_environment_config!
+        load_generators
 
-        ensure_editor_available(command: "bin/rails credentials:edit") || (return)
+        if environment_specified?
+          @content_path = "config/credentials/#{environment}.yml.enc" unless config.key?(:content_path)
+          @key_path = "config/credentials/#{environment}.key" unless config.key?(:key_path)
+        end
 
-        ensure_encryption_key_has_been_added if credentials.key.nil?
+        ensure_encryption_key_has_been_added
         ensure_credentials_have_been_added
         ensure_diffing_driver_is_configured
 
-        catch_editing_exceptions do
-          change_credentials_in_system_editor
-        end
-
-        say "File encrypted and saved."
-      rescue ActiveSupport::MessageEncryptor::InvalidMessage
-        say "Couldn't decrypt #{content_path}. Perhaps you passed the wrong key?"
+        change_credentials_in_system_editor
       end
 
+      desc "show", "Show the decrypted credentials"
       def show
-        extract_environment_option_from_argument(default_environment: nil)
-        require_application!
+        load_environment_config!
 
         say credentials.read.presence || missing_credentials_message
       end
 
+      desc "diff", "Enroll/disenroll in decrypted diffs of credentials using git"
       option :enroll, type: :boolean, default: false,
-        desc: "Enrolls project in credentials file diffing with `git diff`"
-
+        desc: "Enroll project in credentials file diffing with `git diff`"
       option :disenroll, type: :boolean, default: false,
-        desc: "Disenrolls project from credentials file diffing"
-
+        desc: "Disenroll project from credentials file diffing"
       def diff(content_path = nil)
         if @content_path = content_path
-          extract_environment_option_from_argument(default_environment: extract_environment_from_path(content_path))
-          require_application!
+          self.environment = extract_environment_from_path(content_path)
+          load_environment_config!
 
           say credentials.read.presence || credentials.content_path.read
         else
-          require_application!
           disenroll_project_from_credentials_diffing if options[:disenroll]
           enroll_project_in_credentials_diffing if options[:enroll]
         end
@@ -73,68 +58,77 @@ module Rails
       end
 
       private
+        def config
+          Rails.application.config.credentials
+        end
+
+        def content_path
+          @content_path ||= relative_path(config.content_path)
+        end
+
+        def key_path
+          @key_path ||= relative_path(config.key_path)
+        end
+
         def credentials
-          Rails.application.encrypted(content_path, key_path: key_path)
+          @credentials ||= Rails.application.encrypted(content_path, key_path: key_path)
         end
 
         def ensure_encryption_key_has_been_added
+          return if credentials.key?
+
+          require "rails/generators/rails/encryption_key_file/encryption_key_file_generator"
+
+          encryption_key_file_generator = Rails::Generators::EncryptionKeyFileGenerator.new
           encryption_key_file_generator.add_key_file(key_path)
           encryption_key_file_generator.ignore_key_file(key_path)
         end
 
         def ensure_credentials_have_been_added
-          if options[:environment]
-            encrypted_file_generator.add_encrypted_file_silently(content_path, key_path)
-          else
-            credentials_generator.add_credentials_file_silently
-          end
+          require "rails/generators/rails/credentials/credentials_generator"
+
+          Rails::Generators::CredentialsGenerator.new(
+            [content_path, key_path],
+            skip_secret_key_base: environment_specified? && %w[development test].include?(environment),
+            quiet: true
+          ).invoke_all
         end
 
         def change_credentials_in_system_editor
-          credentials.change do |tmp_path|
-            system(*Shellwords.split(ENV["EDITOR"]), tmp_path.to_s)
+          using_system_editor do
+            say "Editing #{content_path}..."
+            credentials.change { |tmp_path| system_editor(tmp_path) }
+            say "File encrypted and saved."
+            warn_if_credentials_are_invalid
           end
+        rescue ActiveSupport::EncryptedFile::MissingKeyError => error
+          say error.message
+        rescue ActiveSupport::MessageEncryptor::InvalidMessage
+          say "Couldn't decrypt #{content_path}. Perhaps you passed the wrong key?"
+        end
+
+        def warn_if_credentials_are_invalid
+          credentials.validate!
+        rescue ActiveSupport::EncryptedConfiguration::InvalidContentError => error
+          say "WARNING: #{error.message}", :red
+          say ""
+          say "Your application will not be able to load '#{content_path}' until the error has been fixed.", :red
         end
 
         def missing_credentials_message
-          if credentials.key.nil?
-            "Missing '#{key_path}' to decrypt credentials. See `bin/rails credentials:help`"
+          if !credentials.key?
+            "Missing '#{key_path}' to decrypt credentials. See `#{executable(:help)}`."
           else
-            "File '#{content_path}' does not exist. Use `bin/rails credentials:edit` to change that."
+            "File '#{content_path}' does not exist. Use `#{executable(:edit)}` to change that."
           end
         end
 
-        def content_path
-          @content_path ||= options[:environment] ? "config/credentials/#{options[:environment]}.yml.enc" : "config/credentials.yml.enc"
-        end
-
-        def key_path
-          options[:environment] ? "config/credentials/#{options[:environment]}.key" : "config/master.key"
+        def relative_path(path)
+          Rails.root.join(path).relative_path_from(Rails.root).to_s
         end
 
         def extract_environment_from_path(path)
-          available_environments.find { |env| path.include? env } if path.end_with?(".yml.enc")
-        end
-
-        def encryption_key_file_generator
-          require "rails/generators"
-          require "rails/generators/rails/encryption_key_file/encryption_key_file_generator"
-
-          Rails::Generators::EncryptionKeyFileGenerator.new
-        end
-
-        def encrypted_file_generator
-          require "rails/generators"
-          require "rails/generators/rails/encrypted_file/encrypted_file_generator"
-
-          Rails::Generators::EncryptedFileGenerator.new
-        end
-
-        def credentials_generator
-          require "rails/generators"
-          require "rails/generators/rails/credentials/credentials_generator"
-
-          Rails::Generators::CredentialsGenerator.new
+          available_environments.find { |env| path.end_with?("#{env}.yml.enc") }
         end
     end
   end

data/lib/rails/commands/db/system/change/change_command.rb

@@ -15,7 +15,8 @@ module Rails
             super
           end
 
-          def perform
+          desc "change", "Change `config/database.yml` and your database gem to the target database"
+          def perform(*)
             Rails::Generators::Db::System::ChangeGenerator.start(@argv)
           end
         end