diff --git a/Gemfile b/Gemfile index cfb383ec..d713361e 100644 --- a/Gemfile +++ b/Gemfile @@ -1,16 +1,16 @@ # A sample Gemfile -source "http://rubygems.org" +source "https://rubygems.org" -gem "rails", '3.1.8' +gem "rails", '3.2.8' # Gems used only for assets and not required # in production environments by default. group :assets do - gem 'sass-rails', '~> 3.1.5' - gem 'coffee-rails', '~> 3.1.1' + gem 'sass-rails', '~> 3.2.3' + gem 'coffee-rails', '~> 3.2.1' # See https://github.com/sstephenson/execjs#readme for more supported runtimes - gem 'therubyracer' + gem 'therubyracer', :platforms => :ruby gem 'uglifier', '>= 1.0.3' end diff --git a/Gemfile.lock b/Gemfile.lock index 5b8fdad4..cb7d2cd9 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -5,42 +5,41 @@ GIT localize_input (0.1.0) GEM - remote: http://rubygems.org/ + remote: https://rubygems.org/ specs: - actionmailer (3.1.8) - actionpack (= 3.1.8) - mail (~> 2.3.3) - actionpack (3.1.8) - activemodel (= 3.1.8) - activesupport (= 3.1.8) + actionmailer (3.2.8) + actionpack (= 3.2.8) + mail (~> 2.4.4) + actionpack (3.2.8) + activemodel (= 3.2.8) + activesupport (= 3.2.8) builder (~> 3.0.0) erubis (~> 2.7.0) - i18n (~> 0.6) - rack (~> 1.3.6) + journey (~> 1.0.4) + rack (~> 1.4.0) rack-cache (~> 1.2) - rack-mount (~> 0.8.2) rack-test (~> 0.6.1) - sprockets (~> 2.0.4) - activemodel (3.1.8) - activesupport (= 3.1.8) + sprockets (~> 2.1.3) + activemodel (3.2.8) + activesupport (= 3.2.8) builder (~> 3.0.0) - i18n (~> 0.6) - activerecord (3.1.8) - activemodel (= 3.1.8) - activesupport (= 3.1.8) - arel (~> 2.2.3) + activerecord (3.2.8) + activemodel (= 3.2.8) + activesupport (= 3.2.8) + arel (~> 3.0.2) tzinfo (~> 0.3.29) - activeresource (3.1.8) - activemodel (= 3.1.8) - activesupport (= 3.1.8) - activesupport (3.1.8) - multi_json (>= 1.0, < 1.3) - arel (2.2.3) + activeresource (3.2.8) + activemodel (= 3.2.8) + activesupport (= 3.2.8) + activesupport (3.2.8) + i18n (~> 0.6) + multi_json (~> 1.0) + arel (3.0.2) builder (3.0.3) client_side_validations (3.1.4) - coffee-rails (3.1.1) + coffee-rails (3.2.2) coffee-script (>= 2.2.0) - railties (~> 3.1.0) + railties (~> 3.2.0) coffee-script (2.2.0) coffee-script-source execjs @@ -70,12 +69,13 @@ GEM inherited_resources (1.3.1) has_scope (~> 0.5.0) responders (~> 0.6) + journey (1.0.4) jquery-rails (2.1.3) railties (>= 3.1.0, < 5.0) thor (~> 0.14) json (1.7.5) libv8 (3.3.10.4) - mail (2.3.3) + mail (2.4.4) i18n (>= 0.4.0) mime-types (~> 1.16) treetop (~> 1.4.8) @@ -85,7 +85,7 @@ GEM activesupport (~> 3.1) polyamorous (~> 0.5.0) mime-types (1.19) - multi_json (1.2.0) + multi_json (1.3.6) mysql2 (0.3.11) polyamorous (0.5.0) activerecord (~> 3.0) 
@@ -100,53 +100,50 @@ GEM prawn-core prawn-layout (0.3.2) prawn-security (0.1.1) - rack (1.3.6) + rack (1.4.1) rack-cache (1.2) rack (>= 0.4) - rack-mount (0.8.3) - rack (>= 1.0.0) rack-ssl (1.3.2) rack rack-test (0.6.2) rack (>= 1.0) - rails (3.1.8) - actionmailer (= 3.1.8) - actionpack (= 3.1.8) - activerecord (= 3.1.8) - activeresource (= 3.1.8) - activesupport (= 3.1.8) + rails (3.2.8) + actionmailer (= 3.2.8) + actionpack (= 3.2.8) + activerecord (= 3.2.8) + activeresource (= 3.2.8) + activesupport (= 3.2.8) bundler (~> 1.0) - railties (= 3.1.8) + railties (= 3.2.8) rails3_acts_as_paranoid (0.1.4) activerecord (~> 3.1) - railties (3.1.8) - actionpack (= 3.1.8) - activesupport (= 3.1.8) + railties (3.2.8) + actionpack (= 3.2.8) + activesupport (= 3.2.8) rack-ssl (~> 1.3.2) rake (>= 0.8.7) rdoc (~> 3.4) - thor (~> 0.14.6) + thor (>= 0.14.6, < 2.0) rake (0.9.2.2) rdoc (3.12) json (~> 1.4) responders (0.9.3) railties (~> 3.1) sass (3.2.1) - sass-rails (3.1.6) - actionpack (~> 3.1.0) - railties (~> 3.1.0) + sass-rails (3.2.5) + railties (~> 3.2.0) sass (>= 3.1.10) - tilt (~> 1.3.2) + tilt (~> 1.3) simple_form (2.0.3) actionpack (~> 3.0) activemodel (~> 3.0) - sprockets (2.0.4) + sprockets (2.1.3) hike (~> 1.2) rack (~> 1.0) tilt (~> 1.1, != 1.3.0) therubyracer (0.10.2) libv8 (~> 3.3.10) - thor (0.14.6) + thor (0.16.0) tilt (1.3.3) treetop (1.4.10) polyglot @@ -165,7 +162,7 @@ PLATFORMS DEPENDENCIES client_side_validations - coffee-rails (~> 3.1.1) + coffee-rails (~> 3.2.1) daemons delayed_job_active_record exception_notification @@ -177,9 +174,9 @@ DEPENDENCIES meta_search mysql2 prawn (<= 0.6.3) - rails (= 3.1.8) + rails (= 3.2.8) rails3_acts_as_paranoid (~> 0.1.4) - sass-rails (~> 3.1.5) + sass-rails (~> 3.2.3) simple_form therubyracer uglifier (>= 1.0.3) diff --git a/config/application.rb b/config/application.rb index 02908a07..72bc60a3 100644 --- a/config/application.rb +++ b/config/application.rb 
@@ -38,7 +38,21 @@ module Foodsoft # Configure sensitive parameters which will be filtered from the log file. config.filter_parameters += [:password] + + # Enable escaping HTML in JSON. + config.active_support.escape_html_entities_in_json = true + # Use SQL instead of Active Record's schema dumper when creating the database. + # This is necessary if your schema can't be completely dumped by the schema dumper, + # like if you have constraints or database-specific column types + # config.active_record.schema_format = :sql + + # Enforce whitelist mode for mass assignment. + # This will create an empty whitelist of attributes available for mass-assignment for all models + # in your app. As such, your models will need to explicitly whitelist or blacklist accessible + # parameters by using an attr_accessible or attr_protected declaration. + config.active_record.whitelist_attributes = false # TODO: Bette re-activate this! + # Enable the asset pipeline config.assets.enabled = true diff --git a/config/environments/development.rb.SAMPLE b/config/environments/development.rb.SAMPLE index d46a49bb..ae18f325 100644 --- a/config/environments/development.rb.SAMPLE +++ b/config/environments/development.rb.SAMPLE @@ -22,6 +22,13 @@ Foodsoft::Application.configure do # Only use best-standards-support built into browsers config.action_dispatch.best_standards_support = :builtin + # Raise exception on mass assignment protection for Active Record models + config.active_record.mass_assignment_sanitizer = :strict + + # Log the query plan for queries taking more than this (works + # with SQLite, MySQL, and PostgreSQL) + config.active_record.auto_explain_threshold_in_seconds = 0.5 + # Do not compress assets config.assets.compress = false diff --git a/config/environments/production.rb b/config/environments/production.rb index 077fa120..0b11b1f7 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb 
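Review bot: `config.active_record.whitelist_attributes = false` in config/application.rb leaves every model without an `attr_accessible` or `attr_protected` declaration open to mass assignment of all its attributes, and the trailing TODO is the only record that this is known. The `config.active_record.mass_assignment_sanitizer = :strict` lines added in development.rb.SAMPLE and test.rb do not compensate, because the sanitizer only raises for attributes a model already protects. I would switch to `config.active_record.whitelist_attributes = true` once the models declare `attr_accessible`, and until then make the comment actionable, for example `# TODO: re-enable once all models declare attr_accessible; undeclared models accept any attribute`. The enclosing `module Foodsoft` block starts and ends outside the hunk.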
@@ -20,7 +20,7 @@ Foodsoft::Application.configure do # Generate digests for assets URLs config.assets.digest = true - # Defaults to Rails.root.join("public/assets") + # # Defaults to nil and saved in location specified by config.assets.prefix # config.assets.manifest = YOUR_PATH # Specifies the header that your server uses for sending files @@ -33,8 +33,11 @@ Foodsoft::Application.configure do # See everything in the log (default is :info) # config.log_level = :debug + # Prepend all log lines with the following tags + # config.log_tags = [ :subdomain, :uuid ] + # Use a different logger for distributed setups - # config.logger = SyslogLogger.new + # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new) # Use a different cache store in production # config.cache_store = :mem_cache_store @@ -58,6 +61,10 @@ Foodsoft::Application.configure do # Send deprecation notices to registered listeners config.active_support.deprecation = :notify + # Log the query plan for queries taking more than this (works + # with SQLite, MySQL, and PostgreSQL) + # config.active_record.auto_explain_threshold_in_seconds = 0.5 + # Use sendmail to avoid ssl cert problems config.action_mailer.delivery_method = :sendmail end diff --git a/config/environments/test.rb b/config/environments/test.rb index c74169d0..30c06137 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb 
@@ -29,10 +29,8 @@ Foodsoft::Application.configure do # ActionMailer::Base.deliveries array. config.action_mailer.delivery_method = :test - # Use SQL instead of Active Record's schema dumper when creating the test database. - # This is necessary if your schema can't be completely dumped by the schema dumper, - # like if you have constraints or database-specific column types - # config.active_record.schema_format = :sql + # Raise exception on mass assignment protection for Active Record models + config.active_record.mass_assignment_sanitizer = :strict # Print deprecation notices to the stderr config.active_support.deprecation = :stderr diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb index 9e8b0131..c113bdc8 100644 --- a/config/initializers/inflections.rb +++ b/config/initializers/inflections.rb @@ -8,3 +8,9 @@ # inflect.irregular 'person', 'people' # inflect.uncountable %w( fish sheep ) # end +# +# These inflection rules are supported but not enabled by default: +# ActiveSupport::Inflector.inflections do |inflect| +# inflect.acronym 'RESTful' +# end + diff --git a/config/routes.rb b/config/routes.rb index 41d9fad3..b483ac61 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -174,7 +174,7 @@ Foodsoft::Application.routes.draw do resources :users, :only => [:index] - match '/:controller(/:action(/:id))' + match ':controller(/:action(/:id))(.:format)' end # End of /:foodcoop scope end
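Review bot: The rewritten catch-all `match ':controller(/:action(/:id))(.:format)'` at the end of the `/:foodcoop` scope in config/routes.rb still routes to every public action of every controller, and `match` without `:via` accepts any HTTP verb. State-changing actions therefore stay reachable by GET, where Rails does not verify the CSRF token, and the added `(.:format)` widens what the route matches rather than narrowing it. I would drop this line and add explicit `resources` or `match ..., :via => ...` entries for the actions that still depend on it; which controllers those are is not visible from this hunk. The `routes.draw` block and the scope both start outside the hunk.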