From bae3de1da3410269ade32aec331205118d1b499b Mon Sep 17 00:00:00 2001 From: LuigiR0jas Date: Fri, 5 Jul 2024 15:21:41 -0600 Subject: [PATCH 01/18] Update gems based on vulnerabilities --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 205ee8eb..0544c4d8 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -210,7 +210,7 @@ GEM nio4r (~> 2.0) raabro (1.4.0) racc (1.8.0) - rack (3.1.4) + rack (3.1.6) rack-mini-profiler (3.3.1) rack (>= 1.2.0) rack-session (2.0.0) From f7faaa97802455e4abfde1ad54a4e69ce4eec469 Mon Sep 17 00:00:00 2001 From: LuigiR0jas Date: Fri, 5 Jul 2024 15:54:38 -0600 Subject: [PATCH 02/18] Add brakeman and rack-attack --- Gemfile | 2 + Gemfile.lock | 6 +++ config/initializers/rack_attack.rb | 78 ++++++++++++++++++++++++++++++ 3 files changed, 86 insertions(+) create mode 100644 config/initializers/rack_attack.rb diff --git a/Gemfile b/Gemfile index a7d5231f..db707503 100644 --- a/Gemfile +++ b/Gemfile @@ -27,6 +27,7 @@ gem "action_policy", "~> 0.7.0" # Other gem "bootsnap", require: false gem "puma", ">= 5.0" +gem "rack-attack", "~> 6.7" gem "tzinfo-data", platforms: %i[windows jruby] group :development, :test do @@ -45,6 +46,7 @@ group :development, :test do end group :development do + gem "brakeman" gem "rack-mini-profiler" gem "web-console" end diff --git a/Gemfile.lock b/Gemfile.lock index 0544c4d8..416430d0 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -95,6 +95,8 @@ GEM bindex (0.8.1) bootsnap (1.18.3) msgpack (~> 1.2) + brakeman (6.1.2) + racc builder (3.3.0) byebug (11.1.3) capybara (3.40.0) @@ -211,6 +213,8 @@ GEM raabro (1.4.0) racc (1.8.0) rack (3.1.6) + rack-attack (6.7.0) + rack (>= 1.0, < 4) rack-mini-profiler (3.3.1) rack (>= 1.2.0) rack-session (2.0.0) @@ -368,6 +372,7 @@ DEPENDENCIES action_policy (~> 0.7.0) activerecord-enhancedsqlite3-adapter (~> 0.8.0) bootsnap + brakeman capybara cuprite debug @@ -379,6 +384,7 @@ DEPENDENCIES propshaft pry-byebug puma (>= 5.0) + rack-attack (~> 6.7) rack-mini-profiler rails (~> 7.1.3, >= 7.1.3.4) rspec-instafail diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb new file mode 100644 index 00000000..4c35272f --- /dev/null +++ b/config/initializers/rack_attack.rb @@ -0,0 +1,78 @@ +class Rack::Attack + + ### Configure Cache ### + + # If you don't want to use Rails.cache (Rack::Attack's default), then + # configure it here. + # + # Note: The store is only used for throttling (not blocklisting and + # safelisting). It must implement .increment and .write like + # ActiveSupport::Cache::Store + + # Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new + + ### Throttle Spammy Clients ### + + # If any single client IP is making tons of requests, then they're + # probably malicious or a poorly-configured scraper. Either way, they + # don't deserve to hog all of the app server's CPU. Cut them off! + # + # Note: If you're serving assets through rack, those requests may be + # counted by rack-attack and this throttle may be activated too + # quickly. If so, enable the condition to exclude them from tracking. + + # Throttle all requests by IP (60rpm) + # + # Key: "rack::attack:#{Time.now.to_i/:period}:req/ip:#{req.ip}" + throttle('req/ip', limit: 300, period: 5.minutes) do |req| + req.ip # unless req.path.start_with?('/assets') + end + + ### Prevent Brute-Force Login Attacks ### + + # The most common brute-force login attack is a brute-force password + # attack where an attacker simply tries a large number of emails and + # passwords to see if any credentials match. + # + # Another common method of attack is to use a swarm of computers with + # different IPs to try brute-forcing a password for a specific account. + + # Throttle POST requests to /login by IP address + # + # Key: "rack::attack:#{Time.now.to_i/:period}:logins/ip:#{req.ip}" + throttle('logins/ip', limit: 5, period: 20.seconds) do |req| + if req.path == '/login' && req.post? + req.ip + end + end + + # Throttle POST requests to /login by email param + # + # Key: "rack::attack:#{Time.now.to_i/:period}:logins/email:#{normalized_email}" + # + # Note: This creates a problem where a malicious user could intentionally + # throttle logins for another user and force their login requests to be + # denied, but that's not very common and shouldn't happen to you. (Knock + # on wood!) + throttle('logins/email', limit: 5, period: 20.seconds) do |req| + if req.path == '/login' && req.post? + # Normalize the email, using the same logic as your authentication process, to + # protect against rate limit bypasses. Return the normalized email if present, nil otherwise. + req.params['email'].to_s.downcase.gsub(/\s+/, "").presence + end + end + + ### Custom Throttle Response ### + + # By default, Rack::Attack returns an HTTP 429 for throttled responses, + # which is just fine. + # + # If you want to return 503 so that the attacker might be fooled into + # believing that they've successfully broken your app (or you just want to + # customize the response), then uncomment these lines. + # self.throttled_responder = lambda do |env| + # [ 503, # status + # {}, # headers + # ['']] # body + # end +end \ No newline at end of file From 3cfcc39a548fb32ac8d3f4458b9207b3ab8701c5 Mon Sep 17 00:00:00 2001 From: LuigiR0jas Date: Fri, 5 Jul 2024 16:06:24 -0600 Subject: [PATCH 03/18] Add ci config file --- .github/workflows/github-actions.yml | 88 ++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) create mode 100644 .github/workflows/github-actions.yml diff --git a/.github/workflows/github-actions.yml b/.github/workflows/github-actions.yml new file mode 100644 index 00000000..6c0a56d9 --- /dev/null +++ b/.github/workflows/github-actions.yml @@ -0,0 +1,88 @@ +name: CI + +on: + push: + branches: + - main + pull_request: + branches: + - "**" + +env: + CI: true + RSPEC_RETRY_RETRY_COUNT: 3 + RAILS_ENV: test + RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }} + +jobs: + linters: + name: Linters + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + - name: Setup Ruby and install gems + uses: ruby/setup-ruby@v1 + with: + bundler-cache: true + - name: Setup Node + uses: actions/setup-node@v4 + - name: Run RuboCop + run: bundle exec rubocop + - name: Run ERB Lint + run: bundle exec erblint --lint-all + - name: Run StandardJS + run: | + npm install standard --global + standard + - name: Run spell checker + uses: crate-ci/typos@master + + security: + name: Security + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + - name: Setup Ruby and install gems + uses: ruby/setup-ruby@v1 + with: + bundler-cache: true + - name: Run brakeman + run: | + bundle exec brakeman -w3 + - name: Run bundler-audit + run: | + bundle exec bundle-audit check --update + + code_quality: + name: Code quality + runs-on: ubuntu-latest + services: + postgres: + image: postgres:16.2 + env: + POSTGRES_USER: root + POSTGRES_PASSWORD: postgres + ports: + - 5432:5432 + options: >- + --health-cmd pg_isready + --health-interval 10s + --health-timeout 5s + --health-retries 5 + if: ${{ github.ref_name != 'main' }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + - name: Setup Ruby and install gems + uses: ruby/setup-ruby@v1 + with: + bundler-cache: true + - name: Run rubycritic + run: | + bundle exec rubycritic --mode-ci main --no-browser + - name: Run database consistency + run: | + bundle exec rails db:test:prepare + bundle exec database_consistency -c .database_consistency.todo.yml \ No newline at end of file From 74aa4922b28bc871471189f7c580552aabc33054 Mon Sep 17 00:00:00 2001 From: LuigiR0jas Date: Fri, 5 Jul 2024 16:09:03 -0600 Subject: [PATCH 04/18] Add platform for CI --- Gemfile.lock | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/Gemfile.lock b/Gemfile.lock index 416430d0..3918808f 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -190,6 +190,8 @@ GEM nio4r (2.7.3) nokogiri (1.16.6-arm64-darwin) racc (~> 1.4) + nokogiri (1.16.6-x86_64-linux) + racc (~> 1.4) parallel (1.25.1) parser (3.3.3.0) ast (~> 2.4.1) @@ -325,6 +327,7 @@ GEM fugit (~> 1.11.0) railties (>= 7.1) sqlite3 (1.7.3-arm64-darwin) + sqlite3 (1.7.3-x86_64-linux) standard (1.39.0) language_server-protocol (~> 3.17.0.2) lint_roller (~> 1.0) @@ -343,6 +346,8 @@ GEM strscan (3.1.0) tailwindcss-rails (2.6.1-arm64-darwin) railties (>= 7.0.0) + tailwindcss-rails (2.6.1-x86_64-linux) + railties (>= 7.0.0) thor (1.3.1) timeout (0.4.1) turbo-rails (2.0.5) @@ -367,6 +372,7 @@ GEM PLATFORMS arm64-darwin-23 + x86_64-linux DEPENDENCIES action_policy (~> 0.7.0) From 4f048ef24d0df1e18aee5368c027c07111673ef3 Mon Sep 17 00:00:00 2001 From: LuigiR0jas Date: Fri, 5 Jul 2024 16:11:23 -0600 Subject: [PATCH 05/18] Add rubocop fixes --- config/initializers/rack_attack.rb | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb index 4c35272f..29d8a64a 100644 --- a/config/initializers/rack_attack.rb +++ b/config/initializers/rack_attack.rb @@ -1,5 +1,4 @@ class Rack::Attack - ### Configure Cache ### # If you don't want to use Rails.cache (Rack::Attack's default), then @@ -9,7 +8,7 @@ class Rack::Attack # safelisting). It must implement .increment and .write like # ActiveSupport::Cache::Store - # Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new + # Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new ### Throttle Spammy Clients ### @@ -24,7 +23,7 @@ class Rack::Attack # Throttle all requests by IP (60rpm) # # Key: "rack::attack:#{Time.now.to_i/:period}:req/ip:#{req.ip}" - throttle('req/ip', limit: 300, period: 5.minutes) do |req| + throttle("req/ip", limit: 300, period: 5.minutes) do |req| req.ip # unless req.path.start_with?('/assets') end @@ -40,8 +39,8 @@ class Rack::Attack # Throttle POST requests to /login by IP address # # Key: "rack::attack:#{Time.now.to_i/:period}:logins/ip:#{req.ip}" - throttle('logins/ip', limit: 5, period: 20.seconds) do |req| - if req.path == '/login' && req.post? + throttle("logins/ip", limit: 5, period: 20.seconds) do |req| + if req.path == "/login" && req.post? req.ip end end @@ -54,11 +53,11 @@ class Rack::Attack # throttle logins for another user and force their login requests to be # denied, but that's not very common and shouldn't happen to you. (Knock # on wood!) - throttle('logins/email', limit: 5, period: 20.seconds) do |req| - if req.path == '/login' && req.post? + throttle("logins/email", limit: 5, period: 20.seconds) do |req| + if req.path == "/login" && req.post? # Normalize the email, using the same logic as your authentication process, to # protect against rate limit bypasses. Return the normalized email if present, nil otherwise. - req.params['email'].to_s.downcase.gsub(/\s+/, "").presence + req.params["email"].to_s.downcase.gsub(/\s+/, "").presence end end @@ -75,4 +74,4 @@ class Rack::Attack # {}, # headers # ['']] # body # end -end \ No newline at end of file +end From 81bd22d91166a9cfe2e9dcd65db5fef6d595dd6e Mon Sep 17 00:00:00 2001 From: LuigiR0jas Date: Fri, 5 Jul 2024 16:17:01 -0600 Subject: [PATCH 06/18] Add or move gems --- Gemfile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index db707503..9c9dd861 100644 --- a/Gemfile +++ b/Gemfile @@ -32,6 +32,8 @@ gem "tzinfo-data", platforms: %i[windows jruby] group :development, :test do # See https://guides.rubyonrails.org/debugging_rails_applications.html#debugging-with-the-debug-gem + gem "brakeman" + gem "bundle-audit" gem "debug", platforms: %i[mri windows] gem "dotenv" gem "erb_lint", require: false @@ -42,11 +44,11 @@ group :development, :test do gem "rubocop-rails", require: false gem "rubocop-rspec", require: false gem "rubocop-rspec_rails", require: false + gem "rubycritic" gem "standard" end group :development do - gem "brakeman" gem "rack-mini-profiler" gem "web-console" end From 1223004ca807278e659fab369c3338aff38902d6 Mon Sep 17 00:00:00 2001 From: LuigiR0jas Date: Fri, 5 Jul 2024 16:22:43 -0600 Subject: [PATCH 07/18] Update gemfile.lock --- Gemfile | 1 + Gemfile.lock | 94 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 95 insertions(+) diff --git a/Gemfile b/Gemfile index 9c9dd861..858f19a2 100644 --- a/Gemfile +++ b/Gemfile @@ -34,6 +34,7 @@ group :development, :test do # See https://guides.rubyonrails.org/debugging_rails_applications.html#debugging-with-the-debug-gem gem "brakeman" gem "bundle-audit" + gem "database_consistency" gem "debug", platforms: %i[mri windows] gem "dotenv" gem "erb_lint", require: false diff --git a/Gemfile.lock b/Gemfile.lock index 3918808f..963b5293 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -83,6 +83,10 @@ GEM addressable (2.8.7) public_suffix (>= 2.0.2, < 7.0) ast (2.4.2) + axiom-types (0.1.1) + descendants_tracker (~> 0.0.4) + ice_nine (~> 0.11.0) + thread_safe (~> 0.3, >= 0.3.1) base64 (0.2.0) better_html (2.1.1) actionview (>= 6.0) @@ -98,6 +102,11 @@ GEM brakeman (6.1.2) racc builder (3.3.0) + bundle-audit (0.1.0) + bundler-audit + bundler-audit (0.9.1) + bundler (>= 1.2.0, < 3) + thor (~> 1.0) byebug (11.1.3) capybara (3.40.0) addressable @@ -108,20 +117,55 @@ GEM rack-test (>= 0.6.3) regexp_parser (>= 1.5, < 3.0) xpath (~> 3.2) + childprocess (5.0.0) coderay (1.1.3) + coercible (1.0.0) + descendants_tracker (~> 0.0.1) concurrent-ruby (1.3.3) connection_pool (2.4.1) crass (1.0.6) cuprite (0.15.1) capybara (~> 3.0) ferrum (~> 0.15.0) + database_consistency (1.7.23) + activerecord (>= 3.2) date (3.3.4) debug (1.9.2) irb (~> 1.10) reline (>= 0.3.8) + descendants_tracker (0.0.4) + thread_safe (~> 0.3, >= 0.3.1) diff-lcs (1.5.1) + docile (1.4.0) dotenv (3.1.2) drb (2.2.1) + dry-configurable (1.2.0) + dry-core (~> 1.0, < 2) + zeitwerk (~> 2.6) + dry-core (1.0.1) + concurrent-ruby (~> 1.0) + zeitwerk (~> 2.6) + dry-inflector (1.1.0) + dry-initializer (3.1.1) + dry-logic (1.5.0) + concurrent-ruby (~> 1.0) + dry-core (~> 1.0, < 2) + zeitwerk (~> 2.6) + dry-schema (1.13.4) + concurrent-ruby (~> 1.0) + dry-configurable (~> 1.0, >= 1.0.1) + dry-core (~> 1.0, < 2) + dry-initializer (~> 3.0) + dry-logic (>= 1.4, < 2) + dry-types (>= 1.7, < 2) + zeitwerk (~> 2.6) + dry-types (1.7.2) + bigdecimal (~> 3.0) + concurrent-ruby (~> 1.0) + dry-core (~> 1.0) + dry-inflector (~> 1.0) + dry-logic (~> 1.4) + zeitwerk (~> 2.6) erb_lint (0.5.0) activesupport better_html (>= 2.0.1) @@ -137,6 +181,15 @@ GEM concurrent-ruby (~> 1.1) webrick (~> 1.7) websocket-driver (~> 0.7) + flay (2.13.3) + erubi (~> 1.10) + path_expander (~> 1.0) + ruby_parser (~> 3.0) + sexp_processor (~> 4.0) + flog (4.8.0) + path_expander (~> 1.0) + ruby_parser (~> 3.1, > 3.1.0) + sexp_processor (~> 4.8) fugit (1.11.0) et-orbi (~> 1, >= 1.2.11) raabro (~> 1.4) @@ -147,6 +200,7 @@ GEM activesupport (>= 6.1) i18n (1.14.5) concurrent-ruby (~> 1.0) + ice_nine (0.11.2) importmap-rails (2.0.1) actionpack (>= 6.0.0) activesupport (>= 6.0.0) @@ -157,6 +211,9 @@ GEM reline (>= 0.4.2) json (2.7.2) language_server-protocol (3.17.0.3) + launchy (3.0.1) + addressable (~> 2.8) + childprocess (~> 5.0) lint_roller (1.1.0) loofah (2.22.0) crass (~> 1.0.2) @@ -196,6 +253,7 @@ GEM parser (3.3.3.0) ast (~> 2.4.1) racc + path_expander (1.1.1) propshaft (0.9.0) actionpack (>= 7.0.0) activesupport (>= 7.0.0) @@ -259,6 +317,11 @@ GEM rake (13.2.1) rdoc (6.7.0) psych (>= 4.0.0) + reek (6.3.0) + dry-schema (~> 1.13.0) + parser (~> 3.3.0) + rainbow (>= 2.0, < 4.0) + rexml (~> 3.1) regexp_parser (2.9.2) reline (0.5.9) io-console (~> 0.5) @@ -319,6 +382,28 @@ GEM rubocop-rspec (~> 3, >= 3.0.1) ruby-next-core (1.0.3) ruby-progressbar (1.13.0) + ruby_parser (3.21.0) + racc (~> 1.5) + sexp_processor (~> 4.16) + rubycritic (4.9.0) + flay (~> 2.13) + flog (~> 4.7) + launchy (>= 2.5.2) + parser (>= 3.2.2.1) + rainbow (~> 3.1.1) + reek (~> 6.0, < 7.0) + rexml + ruby_parser (~> 3.20) + simplecov (>= 0.22.0) + tty-which (~> 0.5.0) + virtus (~> 2.0) + sexp_processor (4.17.1) + simplecov (0.22.0) + docile (~> 1.1) + simplecov-html (~> 0.11) + simplecov_json_formatter (~> 0.1) + simplecov-html (0.12.3) + simplecov_json_formatter (0.1.4) smart_properties (1.17.0) solid_queue (0.3.3) activejob (>= 7.1) @@ -349,7 +434,9 @@ GEM tailwindcss-rails (2.6.1-x86_64-linux) railties (>= 7.0.0) thor (1.3.1) + thread_safe (0.3.6) timeout (0.4.1) + tty-which (0.5.0) turbo-rails (2.0.5) actionpack (>= 6.0.0) activejob (>= 6.0.0) @@ -357,6 +444,10 @@ GEM tzinfo (2.0.6) concurrent-ruby (~> 1.0) unicode-display_width (2.5.0) + virtus (2.0.0) + axiom-types (~> 0.1) + coercible (~> 1.0) + descendants_tracker (~> 0.0, >= 0.0.3) web-console (4.2.1) actionview (>= 6.0.0) activemodel (>= 6.0.0) @@ -379,8 +470,10 @@ DEPENDENCIES activerecord-enhancedsqlite3-adapter (~> 0.8.0) bootsnap brakeman + bundle-audit capybara cuprite + database_consistency debug dotenv erb_lint @@ -401,6 +494,7 @@ DEPENDENCIES rubocop-rails rubocop-rspec rubocop-rspec_rails + rubycritic solid_queue sqlite3 (~> 1.4) standard From b8adac4e7227d326fde071b38bade35797b8685d Mon Sep 17 00:00:00 2001 From: LuigiR0jas Date: Fri, 5 Jul 2024 16:39:02 -0600 Subject: [PATCH 08/18] Update rubycritic config --- .reek.yml | 3 +++ .rubycritic.yml | 6 ++++++ 2 files changed, 9 insertions(+) create mode 100644 .reek.yml create mode 100644 .rubycritic.yml diff --git a/.reek.yml b/.reek.yml new file mode 100644 index 00000000..4cbdb0d5 --- /dev/null +++ b/.reek.yml @@ -0,0 +1,3 @@ +detectors: + IrresponsibleModule: + enabled: false \ No newline at end of file diff --git a/.rubycritic.yml b/.rubycritic.yml new file mode 100644 index 00000000..64253be9 --- /dev/null +++ b/.rubycritic.yml @@ -0,0 +1,6 @@ +branch: 'main' # default is master +threshold_score: 2 # default is 0 +minimum_score: 95 # default is 0 +paths: + - "app/" + - "config/" \ No newline at end of file From 93b54ddfc9e94b1427a22c840580e19e4f903d31 Mon Sep 17 00:00:00 2001 From: LuigiR0jas Date: Fri, 5 Jul 2024 16:48:04 -0600 Subject: [PATCH 09/18] Add database-consistency auto corrections --- db/migrate/20240705224728_add_profiles_id_index.rb | 5 +++++ db/schema.rb | 6 +++--- 2 files changed, 8 insertions(+), 3 deletions(-) create mode 100644 db/migrate/20240705224728_add_profiles_id_index.rb diff --git a/db/migrate/20240705224728_add_profiles_id_index.rb b/db/migrate/20240705224728_add_profiles_id_index.rb new file mode 100644 index 00000000..1d035fc5 --- /dev/null +++ b/db/migrate/20240705224728_add_profiles_id_index.rb @@ -0,0 +1,5 @@ +class AddProfilesIdIndex < ActiveRecord::Migration[7.1] + def change + add_index :profiles, %w[id], name: :index_profiles_id, unique: true + end +end diff --git a/db/schema.rb b/db/schema.rb index 2c593f77..89a2649b 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -57,7 +57,7 @@ t.string "github_url" t.string "linkedin_url" t.string "twitter_url" - t.boolean "public" + t.boolean "public", default: false, null: false t.datetime "created_at", null: false t.datetime "updated_at", null: false t.index ["profileable_type", "profileable_id"], name: "index_profiles_on_profileable" @@ -88,8 +88,8 @@ create_table "users", force: :cascade do |t| t.string "email" t.string "role" - t.boolean "mail_notifications_enabled", default: true - t.boolean "in_app_notifications_enabled", default: true + t.boolean "mail_notifications_enabled", default: true, null: false + t.boolean "in_app_notifications_enabled", default: true, null: false t.datetime "created_at", null: false t.datetime "updated_at", null: false end From e61c372efd6f0521cc23bdd196c531c5ab5881ce Mon Sep 17 00:00:00 2001 From: LuigiR0jas Date: Fri, 5 Jul 2024 16:51:27 -0600 Subject: [PATCH 10/18] More corrections --- db/schema.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/db/schema.rb b/db/schema.rb index 89a2649b..c8763550 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema[7.1].define(version: 2024_06_28_211903) do +ActiveRecord::Schema[7.1].define(version: 2024_07_05_224728) do create_table "conferences", force: :cascade do |t| t.string "name" t.datetime "created_at", null: false @@ -60,6 +60,7 @@ t.boolean "public", default: false, null: false t.datetime "created_at", null: false t.datetime "updated_at", null: false + t.index ["id"], name: "index_profiles_id", unique: true t.index ["profileable_type", "profileable_id"], name: "index_profiles_on_profileable" end From 04ab80d273216d85aa89dd9e29f1a62dc56a72d4 Mon Sep 17 00:00:00 2001 From: LuigiR0jas Date: Fri, 5 Jul 2024 17:10:15 -0600 Subject: [PATCH 11/18] Revert changes --- db/migrate/20240705224728_add_profiles_id_index.rb | 5 ----- db/schema.rb | 3 +-- 2 files changed, 1 insertion(+), 7 deletions(-) delete mode 100644 db/migrate/20240705224728_add_profiles_id_index.rb diff --git a/db/migrate/20240705224728_add_profiles_id_index.rb b/db/migrate/20240705224728_add_profiles_id_index.rb deleted file mode 100644 index 1d035fc5..00000000 --- a/db/migrate/20240705224728_add_profiles_id_index.rb +++ /dev/null @@ -1,5 +0,0 @@ -class AddProfilesIdIndex < ActiveRecord::Migration[7.1] - def change - add_index :profiles, %w[id], name: :index_profiles_id, unique: true - end -end diff --git a/db/schema.rb b/db/schema.rb index c8763550..89a2649b 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema[7.1].define(version: 2024_07_05_224728) do +ActiveRecord::Schema[7.1].define(version: 2024_06_28_211903) do create_table "conferences", force: :cascade do |t| t.string "name" t.datetime "created_at", null: false @@ -60,7 +60,6 @@ t.boolean "public", default: false, null: false t.datetime "created_at", null: false t.datetime "updated_at", null: false - t.index ["id"], name: "index_profiles_id", unique: true t.index ["profileable_type", "profileable_id"], name: "index_profiles_on_profileable" end From 18439e006786023568146fa574d0ca48dbb77058 Mon Sep 17 00:00:00 2001 From: LuigiR0jas Date: Fri, 5 Jul 2024 17:20:48 -0600 Subject: [PATCH 12/18] Add index to profile --- app/models/profile.rb | 2 ++ db/migrate/20240705231624_add_index_to_profile.rb | 5 +++++ db/schema.rb | 3 ++- 3 files changed, 9 insertions(+), 1 deletion(-) create mode 100644 db/migrate/20240705231624_add_index_to_profile.rb diff --git a/app/models/profile.rb b/app/models/profile.rb index 9f5487a6..66f03588 100644 --- a/app/models/profile.rb +++ b/app/models/profile.rb @@ -4,4 +4,6 @@ class Profile < ApplicationRecord has_one :self_ref, class_name: "Profile", foreign_key: :id, inverse_of: :self_ref, dependent: :destroy has_one :user, through: :self_ref, source: :profileable, source_type: "User" has_one :speaker, through: :self_ref, source: :profileable, source_type: "Speaker" + + validates :self_ref, uniqueness: true end diff --git a/db/migrate/20240705231624_add_index_to_profile.rb b/db/migrate/20240705231624_add_index_to_profile.rb new file mode 100644 index 00000000..d9159be2 --- /dev/null +++ b/db/migrate/20240705231624_add_index_to_profile.rb @@ -0,0 +1,5 @@ +class AddIndexToProfile < ActiveRecord::Migration[7.1] + def change + add_index :profiles, :id, unique: true + end +end diff --git a/db/schema.rb b/db/schema.rb index 89a2649b..e88690e7 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema[7.1].define(version: 2024_06_28_211903) do +ActiveRecord::Schema[7.1].define(version: 2024_07_05_231624) do create_table "conferences", force: :cascade do |t| t.string "name" t.datetime "created_at", null: false @@ -60,6 +60,7 @@ t.boolean "public", default: false, null: false t.datetime "created_at", null: false t.datetime "updated_at", null: false + t.index ["id"], name: "index_profiles_on_id", unique: true t.index ["profileable_type", "profileable_id"], name: "index_profiles_on_profileable" end From 272ea2f3a0db6bde58480f6653862ed0826af0b8 Mon Sep 17 00:00:00 2001 From: LuigiR0jas Date: Fri, 5 Jul 2024 17:28:30 -0600 Subject: [PATCH 13/18] Add lefthook config file --- .lefthook.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 .lefthook.yml diff --git a/.lefthook.yml b/.lefthook.yml new file mode 100644 index 00000000..14f9c505 --- /dev/null +++ b/.lefthook.yml @@ -0,0 +1,18 @@ +pre-commit: + parallel: true + commands: + ruby-linter: + glob: "*.{rb,rake}" + run: bundle exec rubocop -a --force-exclusion {staged_files} + stage_fixed: true + erb-linter: + glob: "*.erb" + run: bundle exec erblint --lint-all {staged_files} + js-linter: + glob: "*.js" + run: standard --fix {staged_files} + stage_fixed: true + fix-typos: + exclude: '\.(pdf|ttf|jpg|png|csv)$' + run: typos --write-changes {staged_files} + stage_fixed: true \ No newline at end of file From cf00a717e3a32577537ca165d8f7b00975175233 Mon Sep 17 00:00:00 2001 From: LuigiR0jas Date: Fri, 5 Jul 2024 17:35:43 -0600 Subject: [PATCH 14/18] Add pull request template --- .github/PULL_REQUEST_TEMPLATE/default.md | 33 ++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 .github/PULL_REQUEST_TEMPLATE/default.md diff --git a/.github/PULL_REQUEST_TEMPLATE/default.md b/.github/PULL_REQUEST_TEMPLATE/default.md new file mode 100644 index 00000000..47d8f709 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE/default.md @@ -0,0 +1,33 @@ +## Description + +Please include a summary of the change. Also, include any additional information that you think is important for reviewers to know. Link to a related issue if applicable. + +## How has this been tested? + +Please mark the tests that you ran to verify your changes. If difficult to test, consider providing instructions so reviewers can test. + +- [ ] Manual testing +- [ ] System tests +- [ ] Unit tests +- [ ] None + +## Checklist + +- [ ] CI pipeline is passing +- [ ] My code follows the conventions of this project +- [ ] I have performed a self-review of my code +- [ ] I have commented on my code, particularly in hard-to-understand areas +- [ ] I have made corresponding changes to the documentation (if applicable) +- [ ] I have added seed data to the database (if applicable) + +## Release tasks + +Does this change require any release tasks? +- [ ] ES Re-indexing +- [ ] Rake task +- [ ] Other (please specify) +- [ ] None + +## Screenshots/Loom + +This section is relevant in case we want to share progress with the team, otherwise, it can be omitted. \ No newline at end of file From 3cfc31afcc3fff0c71b28015db4cf6d859df901f Mon Sep 17 00:00:00 2001 From: LuigiR0jas Date: Fri, 5 Jul 2024 17:37:24 -0600 Subject: [PATCH 15/18] Add tests to CI --- .github/workflows/github-actions.yml | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/.github/workflows/github-actions.yml b/.github/workflows/github-actions.yml index 6c0a56d9..3eeb0b7f 100644 --- a/.github/workflows/github-actions.yml +++ b/.github/workflows/github-actions.yml @@ -85,4 +85,22 @@ jobs: - name: Run database consistency run: | bundle exec rails db:test:prepare - bundle exec database_consistency -c .database_consistency.todo.yml \ No newline at end of file + bundle exec database_consistency -c .database_consistency.todo.yml + + tests: + name: RSpec + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Set up Ruby + uses: ruby/setup-ruby@v1 + with: + bundler-cache: true + - name: Setup DB + run: | + bundle exec rails db:test:prepare + - name: Assets Precompile + run: bundle exec rails assets:precompile + - name: Run tests + run: | + bundle exec rspec \ No newline at end of file From 058808397225617060bc6b861469bab857e13c0a Mon Sep 17 00:00:00 2001 From: LuigiR0jas Date: Fri, 5 Jul 2024 17:50:51 -0600 Subject: [PATCH 16/18] Add other gems --- .github/workflows/github-actions.yml | 2 +- Gemfile | 4 ++++ Gemfile.lock | 18 ++++++++++++++++++ config/environments/development.rb | 14 ++++++++++++++ 4 files changed, 37 insertions(+), 1 deletion(-) diff --git a/.github/workflows/github-actions.yml b/.github/workflows/github-actions.yml index 3eeb0b7f..4a28b4b4 100644 --- a/.github/workflows/github-actions.yml +++ b/.github/workflows/github-actions.yml @@ -88,7 +88,7 @@ jobs: bundle exec database_consistency -c .database_consistency.todo.yml tests: - name: RSpec + name: Tests runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 diff --git a/Gemfile b/Gemfile index 858f19a2..4303283c 100644 --- a/Gemfile +++ b/Gemfile @@ -32,12 +32,16 @@ gem "tzinfo-data", platforms: %i[windows jruby] group :development, :test do # See https://guides.rubyonrails.org/debugging_rails_applications.html#debugging-with-the-debug-gem + gem "better_errors" + gem "binding_of_caller" gem "brakeman" + gem "bullet" gem "bundle-audit" gem "database_consistency" gem "debug", platforms: %i[mri windows] gem "dotenv" gem "erb_lint", require: false + gem "letter_opener" gem "pry-byebug" gem "rspec-rails" gem "rubocop-capybara", require: false diff --git a/Gemfile.lock b/Gemfile.lock index 963b5293..d7be3424 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -88,6 +88,10 @@ GEM ice_nine (~> 0.11.0) thread_safe (~> 0.3, >= 0.3.1) base64 (0.2.0) + better_errors (2.10.1) + erubi (>= 1.0.0) + rack (>= 0.9.0) + rouge (>= 1.0.0) better_html (2.1.1) actionview (>= 6.0) activesupport (>= 6.0) @@ -97,11 +101,16 @@ GEM smart_properties bigdecimal (3.1.8) bindex (0.8.1) + binding_of_caller (1.0.1) + debug_inspector (>= 1.2.0) bootsnap (1.18.3) msgpack (~> 1.2) brakeman (6.1.2) racc builder (3.3.0) + bullet (7.1.6) + activesupport (>= 3.0.0) + uniform_notifier (~> 1.11) bundle-audit (0.1.0) bundler-audit bundler-audit (0.9.1) @@ -133,6 +142,7 @@ GEM debug (1.9.2) irb (~> 1.10) reline (>= 0.3.8) + debug_inspector (1.2.0) descendants_tracker (0.0.4) thread_safe (~> 0.3, >= 0.3.1) diff-lcs (1.5.1) @@ -214,6 +224,8 @@ GEM launchy (3.0.1) addressable (~> 2.8) childprocess (~> 5.0) + letter_opener (1.10.0) + launchy (>= 2.2, < 4) lint_roller (1.1.0) loofah (2.22.0) crass (~> 1.0.2) @@ -327,6 +339,7 @@ GEM io-console (~> 0.5) rexml (3.3.1) strscan + rouge (4.3.0) rspec (3.13.0) rspec-core (~> 3.13.0) rspec-expectations (~> 3.13.0) @@ -444,6 +457,7 @@ GEM tzinfo (2.0.6) concurrent-ruby (~> 1.0) unicode-display_width (2.5.0) + uniform_notifier (1.16.0) virtus (2.0.0) axiom-types (~> 0.1) coercible (~> 1.0) @@ -468,8 +482,11 @@ PLATFORMS DEPENDENCIES action_policy (~> 0.7.0) activerecord-enhancedsqlite3-adapter (~> 0.8.0) + better_errors + binding_of_caller bootsnap brakeman + bullet bundle-audit capybara cuprite @@ -479,6 +496,7 @@ DEPENDENCIES erb_lint fuubar importmap-rails + letter_opener mission_control-jobs propshaft pry-byebug diff --git a/config/environments/development.rb b/config/environments/development.rb index 25334d0b..11966457 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -1,6 +1,15 @@ require "active_support/core_ext/integer/time" Rails.application.configure do + config.after_initialize do + Bullet.enable = true + Bullet.alert = true + Bullet.bullet_logger = true + Bullet.console = true + Bullet.rails_logger = true + Bullet.add_footer = true + end + # Settings specified here will take precedence over those in config/application.rb. # In the development environment your application's code is reloaded any time @@ -36,6 +45,11 @@ # Store uploaded files on the local file system (see config/storage.yml for options). config.active_storage.service = :local + # Preview email in the default browser instead of sending it. + config.action_mailer.delivery_method = :letter_opener + + config.action_mailer.perform_deliveries = true + # Don't care if the mailer can't send. config.action_mailer.raise_delivery_errors = false From 1c34ea44cb79c51ce0b54962063633542af15b84 Mon Sep 17 00:00:00 2001 From: LuigiR0jas Date: Fri, 5 Jul 2024 17:58:34 -0600 Subject: [PATCH 17/18] Update readme --- README.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/README.md b/README.md index 6c325f86..1bdd7018 100644 --- a/README.md +++ b/README.md @@ -49,6 +49,28 @@ We use [Typos](https://github.com/crate-ci/typos) as a spell checker. - Run `typos -w` to auto-correct offenses - For false positives and other configuration, see the `_typos.yml` file +#### Optional - Running linters' auto-fix before a commit + +[Leftook](https://github.com/evilmartians/lefthook) will execute the linters' auto-fix on staged files and abort the commit if there are offenses that can't be auto-fixed. +Run the following commands to enable this flow: + +``` +gem install lefthook +lefthook install +``` + +## Code Quality + +#### Rubycritic + +Besides code reviews, we use [rubycritic](https://github.com/whitesmith/rubycritic) to generate a report of the code quality. Both as a reviewer and as a contributor, you should check the report and address the issues found if the files you are working on have a low score ("D" or "F"). +- You can run it with `bundle exec rubycritic` + +#### Database consistency + +We use [DatabaseConsistency](https://github.com/djezzzl/database_consistency) to check for inconsistencies between the database schema and the application models. +- You can run it with `bundle exec database_consistency`. + ## Testing Run tests by using `bundle exec rspec`. From 31ef735ca85f27f6a829cbbbbe04e3f7587f49ec Mon Sep 17 00:00:00 2001 From: Sergio-e <33036058+Sergio-e@users.noreply.github.com> Date: Fri, 5 Jul 2024 19:50:49 -0600 Subject: [PATCH 18/18] Improvements & fixes --- .database_consistency.todo.yml | 5 ++ .github/PULL_REQUEST_TEMPLATE/default.md | 8 +- .github/workflows/github-actions.yml | 17 +--- Gemfile | 2 - Gemfile.lock | 8 -- app/models/profile.rb | 2 - config/environments/development.rb | 9 --- config/initializers/rack_attack.rb | 77 ------------------- .../20240705231624_add_index_to_profile.rb | 5 -- db/schema.rb | 3 +- 10 files changed, 9 insertions(+), 127 deletions(-) create mode 100644 .database_consistency.todo.yml delete mode 100644 config/initializers/rack_attack.rb delete mode 100644 db/migrate/20240705231624_add_index_to_profile.rb diff --git a/.database_consistency.todo.yml b/.database_consistency.todo.yml new file mode 100644 index 00000000..4fcdc664 --- /dev/null +++ b/.database_consistency.todo.yml @@ -0,0 +1,5 @@ +--- +Profile: + self_ref: + MissingIndexChecker: + enabled: false diff --git a/.github/PULL_REQUEST_TEMPLATE/default.md b/.github/PULL_REQUEST_TEMPLATE/default.md index 47d8f709..4cc7a782 100644 --- a/.github/PULL_REQUEST_TEMPLATE/default.md +++ b/.github/PULL_REQUEST_TEMPLATE/default.md @@ -22,12 +22,8 @@ Please mark the tests that you ran to verify your changes. If difficult to test, ## Release tasks -Does this change require any release tasks? -- [ ] ES Re-indexing -- [ ] Rake task -- [ ] Other (please specify) -- [ ] None +Add any tasks that need to be done before/after the release of this feature. ## Screenshots/Loom -This section is relevant in case we want to share progress with the team, otherwise, it can be omitted. \ No newline at end of file +This section is relevant in case we want to share progress with the team, otherwise, it can be omitted. diff --git a/.github/workflows/github-actions.yml b/.github/workflows/github-actions.yml index 4a28b4b4..4ed4df5d 100644 --- a/.github/workflows/github-actions.yml +++ b/.github/workflows/github-actions.yml @@ -58,19 +58,6 @@ jobs: code_quality: name: Code quality runs-on: ubuntu-latest - services: - postgres: - image: postgres:16.2 - env: - POSTGRES_USER: root - POSTGRES_PASSWORD: postgres - ports: - - 5432:5432 - options: >- - --health-cmd pg_isready - --health-interval 10s - --health-timeout 5s - --health-retries 5 if: ${{ github.ref_name != 'main' }} steps: - name: Checkout code @@ -99,8 +86,6 @@ jobs: - name: Setup DB run: | bundle exec rails db:test:prepare - - name: Assets Precompile - run: bundle exec rails assets:precompile - name: Run tests run: | - bundle exec rspec \ No newline at end of file + bundle exec rspec diff --git a/Gemfile b/Gemfile index 4303283c..c51f9083 100644 --- a/Gemfile +++ b/Gemfile @@ -27,7 +27,6 @@ gem "action_policy", "~> 0.7.0" # Other gem "bootsnap", require: false gem "puma", ">= 5.0" -gem "rack-attack", "~> 6.7" gem "tzinfo-data", platforms: %i[windows jruby] group :development, :test do @@ -35,7 +34,6 @@ group :development, :test do gem "better_errors" gem "binding_of_caller" gem "brakeman" - gem "bullet" gem "bundle-audit" gem "database_consistency" gem "debug", platforms: %i[mri windows] diff --git a/Gemfile.lock b/Gemfile.lock index 6ec90ae9..5a4b4216 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -108,9 +108,6 @@ GEM brakeman (6.1.2) racc builder (3.3.0) - bullet (7.1.6) - activesupport (>= 3.0.0) - uniform_notifier (~> 1.11) bundle-audit (0.1.0) bundler-audit bundler-audit (0.9.1) @@ -285,8 +282,6 @@ GEM raabro (1.4.0) racc (1.8.0) rack (3.1.6) - rack-attack (6.7.0) - rack (>= 1.0, < 4) rack-mini-profiler (3.3.1) rack (>= 1.2.0) rack-session (2.0.0) @@ -457,7 +452,6 @@ GEM tzinfo (2.0.6) concurrent-ruby (~> 1.0) unicode-display_width (2.5.0) - uniform_notifier (1.16.0) virtus (2.0.0) axiom-types (~> 0.1) coercible (~> 1.0) @@ -487,7 +481,6 @@ DEPENDENCIES binding_of_caller bootsnap brakeman - bullet bundle-audit capybara cuprite @@ -502,7 +495,6 @@ DEPENDENCIES propshaft pry-byebug puma (>= 5.0) - rack-attack (~> 6.7) rack-mini-profiler rails (~> 7.1.3, >= 7.1.3.4) rspec-instafail diff --git a/app/models/profile.rb b/app/models/profile.rb index 66f03588..9f5487a6 100644 --- a/app/models/profile.rb +++ b/app/models/profile.rb @@ -4,6 +4,4 @@ class Profile < ApplicationRecord has_one :self_ref, class_name: "Profile", foreign_key: :id, inverse_of: :self_ref, dependent: :destroy has_one :user, through: :self_ref, source: :profileable, source_type: "User" has_one :speaker, through: :self_ref, source: :profileable, source_type: "Speaker" - - validates :self_ref, uniqueness: true end diff --git a/config/environments/development.rb b/config/environments/development.rb index 11966457..e01622cf 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -1,15 +1,6 @@ require "active_support/core_ext/integer/time" Rails.application.configure do - config.after_initialize do - Bullet.enable = true - Bullet.alert = true - Bullet.bullet_logger = true - Bullet.console = true - Bullet.rails_logger = true - Bullet.add_footer = true - end - # Settings specified here will take precedence over those in config/application.rb. # In the development environment your application's code is reloaded any time diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb deleted file mode 100644 index 29d8a64a..00000000 --- a/config/initializers/rack_attack.rb +++ /dev/null @@ -1,77 +0,0 @@ -class Rack::Attack - ### Configure Cache ### - - # If you don't want to use Rails.cache (Rack::Attack's default), then - # configure it here. - # - # Note: The store is only used for throttling (not blocklisting and - # safelisting). It must implement .increment and .write like - # ActiveSupport::Cache::Store - - # Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new - - ### Throttle Spammy Clients ### - - # If any single client IP is making tons of requests, then they're - # probably malicious or a poorly-configured scraper. Either way, they - # don't deserve to hog all of the app server's CPU. Cut them off! - # - # Note: If you're serving assets through rack, those requests may be - # counted by rack-attack and this throttle may be activated too - # quickly. If so, enable the condition to exclude them from tracking. - - # Throttle all requests by IP (60rpm) - # - # Key: "rack::attack:#{Time.now.to_i/:period}:req/ip:#{req.ip}" - throttle("req/ip", limit: 300, period: 5.minutes) do |req| - req.ip # unless req.path.start_with?('/assets') - end - - ### Prevent Brute-Force Login Attacks ### - - # The most common brute-force login attack is a brute-force password - # attack where an attacker simply tries a large number of emails and - # passwords to see if any credentials match. - # - # Another common method of attack is to use a swarm of computers with - # different IPs to try brute-forcing a password for a specific account. - - # Throttle POST requests to /login by IP address - # - # Key: "rack::attack:#{Time.now.to_i/:period}:logins/ip:#{req.ip}" - throttle("logins/ip", limit: 5, period: 20.seconds) do |req| - if req.path == "/login" && req.post? - req.ip - end - end - - # Throttle POST requests to /login by email param - # - # Key: "rack::attack:#{Time.now.to_i/:period}:logins/email:#{normalized_email}" - # - # Note: This creates a problem where a malicious user could intentionally - # throttle logins for another user and force their login requests to be - # denied, but that's not very common and shouldn't happen to you. (Knock - # on wood!) - throttle("logins/email", limit: 5, period: 20.seconds) do |req| - if req.path == "/login" && req.post? - # Normalize the email, using the same logic as your authentication process, to - # protect against rate limit bypasses. Return the normalized email if present, nil otherwise. - req.params["email"].to_s.downcase.gsub(/\s+/, "").presence - end - end - - ### Custom Throttle Response ### - - # By default, Rack::Attack returns an HTTP 429 for throttled responses, - # which is just fine. - # - # If you want to return 503 so that the attacker might be fooled into - # believing that they've successfully broken your app (or you just want to - # customize the response), then uncomment these lines. - # self.throttled_responder = lambda do |env| - # [ 503, # status - # {}, # headers - # ['']] # body - # end -end diff --git a/db/migrate/20240705231624_add_index_to_profile.rb b/db/migrate/20240705231624_add_index_to_profile.rb deleted file mode 100644 index d9159be2..00000000 --- a/db/migrate/20240705231624_add_index_to_profile.rb +++ /dev/null @@ -1,5 +0,0 @@ -class AddIndexToProfile < ActiveRecord::Migration[7.1] - def change - add_index :profiles, :id, unique: true - end -end diff --git a/db/schema.rb b/db/schema.rb index e88690e7..89a2649b 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema[7.1].define(version: 2024_07_05_231624) do +ActiveRecord::Schema[7.1].define(version: 2024_06_28_211903) do create_table "conferences", force: :cascade do |t| t.string "name" t.datetime "created_at", null: false @@ -60,7 +60,6 @@ t.boolean "public", default: false, null: false t.datetime "created_at", null: false t.datetime "updated_at", null: false - t.index ["id"], name: "index_profiles_on_id", unique: true t.index ["profileable_type", "profileable_id"], name: "index_profiles_on_profileable" end