Merge pull request #450 from CDLUC3/v4.0.8-beta

V4.0.8 beta

.github/workflows/eslint.yml

@@ -15,6 +15,7 @@ jobs:
     - uses: actions/setup-node@v2
       with:
         cache: 'yarn'
+        node-version: 16
 
     # Run yarn install for JS dependencies
     - name: 'Yarn Install'

.github/workflows/mysql.yml

@@ -21,12 +21,13 @@ jobs:
       with:
         ruby-version: '3.0'
         bundler-cache: true
-
+    
     # Install Node
     - uses: actions/setup-node@v3
       with:
         node-version: '16.6.0'
         cache: 'yarn'
+        node-version: 16
 
     # Copy all of the example configs over
     - name: 'Setup the application'

.github/workflows/pa11y.yml

@@ -14,7 +14,7 @@ jobs:
 
     steps:
     # Checkout the repo
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
 
     # Install Ruby and run bundler
     - uses: ruby/setup-ruby@v1
@@ -23,8 +23,9 @@ jobs:
         bundler-cache: true
 
     # Install Node
-    - uses: actions/setup-node@v2
+    - uses: actions/setup-node@v3
       with:
+        node-version: '16.6.0'
         cache: 'yarn'
 
     # Copy all of the example configs over
@@ -46,10 +47,15 @@ jobs:
 
     # Start the DB server and initialize the DB
     - name: 'Start MySQL'
+      run: sudo systemctl start mysql
+
+    - name: 'Build out the test database'
       run: |
-        sudo systemctl start mysql
-        bin/rails db:setup RAILS_ENV=test
-        bin/rails db:migrate RAILS_ENV=test
+        bundle exec rails db:create RAILS_ENV=test
+        bundle exec rails db:schema:load RAILS_ENV=test
+
+    - name: 'Run any pending database migrations'
+      run: bin/rails db:migrate RAILS_ENV=test
 
     # Prebuild the CSS, JS and image assets
     - name: 'Precompile all of the Assets'

.github/workflows/postgres.yml

@@ -37,12 +37,16 @@ jobs:
       with:
         ruby-version: '3.0'
         bundler-cache: true
-
+
+    ## - run: echo 'NODE_OPTIONS="--openssl-legacy-provider"' >> $GITHUB_ENV 
+    ## /home/runner/runners/2.301.1/externals/node12/bin/node: --openssl-legacy-provider is not allowed in NODE_OPTIONS
+
     # Install Node
     - uses: actions/setup-node@v3
       with:
         node-version: '16.6.0'
         cache: 'yarn'
+        node-version: 16
 
     # Install the Postgres developer packages
     - name: 'Install Postgresql Packages'

.gitignore

@@ -131,6 +131,8 @@ spec/examples.txt
 /yarn-error.log
 yarn-debug.log*
 .yarn-integrity
+/app/assets/builds/*
+!/app/assets/builds/.keep
 
 # Ignore briley AWS cloud9 script to start the application
-cloud9-start.sh
+cloud9-start.sh

.rubocop.yml

@@ -1,8 +1,3 @@
-require:
-#   - rubocop-rails
-#   - rubocop-rspec
-#   - rubocop-performance
-
 # ----------------
 # - INSTRUCTIONS -
 # ----------------
@@ -27,6 +22,12 @@ require:
 # configured.
 #
 # Try to place any new Cops under their relevant section and in alphabetical order
+
+require:
+#   - rubocop-rails
+#   - rubocop-rspec
+  - rubocop-performance
+
 AllCops:
   # Show the name of the cops being voilated in the feedback
   DisplayCopNames: true
@@ -108,6 +109,12 @@ Lint/UnexpectedBlockArity: # new in 1.5
   Enabled: true
 Lint/UnmodifiedReduceAccumulator: # new in 1.1
   Enabled: true
+Lint/Debugger: # new in 1.45.0
+  Description: 'Check for debugger calls.'
+  Enabled: true
+  Exclude:
+    - 'lib/tasks/**/*'
+
 
 # -----------
 # - METRICS -

CHANGELOG.md

@@ -4,8 +4,15 @@
 
 ### v4.0.8
 
+### Features
+- Update to the Org admin Plans page that will now show the date that feedback was requested. [#434](https://github.com/CDLUC3/dmptool/issues/434)
+- Changed the language around the confusing checkbox/option text on the download plan page (for PDF download) and changed defaults so that only the section heading and question text are enabled by default. [#435](https://github.com/CDLUC3/dmptool/issues/435)
+
 ### Bug Fixes:
+- Fixed an issue causing the mouse pointer to change to a text icon when hovering over hyperlinks for Chrome and Firefox. It now correctly displays the hand pointer [issue #445](https://github.com/CDLUC3/dmptool/issues/445)
 - Patch [issue #447](https://github.com/CDLUC3/dmptool/issues/447) that was deleting all prior related identifiers when a user adds a new related identifier on the 'Follow up' tab.
+- Patch Github Actions to lock Node at v16.6 to deal with a version compatability issue with openSSL
+- Attempt to patch issue that was causing registry_orgs search by name to fail for Postgres distributions that is causing Rspec tests to fail for `spec/services/api/v2/deserialization/*.rb`. Perhaps someone out there with Postgres can debug, fix and submit a PR.
 
 ### v4.0.5
 This version includes changes from [DMPRoadmap release v4.0.2](https://github.com/DMPRoadmap/roadmap/releases/tag/v4.0.2) see the release notes for details.
@@ -52,24 +59,108 @@ This version includes changes from [DMPRoadmap release v4.0.2](https://github.co
 - Added this CHANGELOG.md
 
 ---
+
 ## Changes from the upstream DMPRoadmap repository
 
+## v4.1.0
+
+**Note this upgrade is a migration from Ruby v2.7.6 to v3.0.5.** Note that this could have an impact on any customizations you may have made to your fork of this project. Please see https://www.fastruby.io/blog/ruby/upgrades/upgrade-ruby-from-2.7-to-3.0.html for further information on what to check. In particular, please note the changes to the way [Ruby 3 handles keyword arguments](https://www.ruby-lang.org/en/news/2019/12/12/separation-of-positional-and-keyword-arguments-in-ruby-3-0/)
+
+**Note that the Webpacker gem has been removed in favor of jsbundling-rails.** This was done in preparation for the future migration to Rails 7. See [issue #3185](https://github.com/DMPRoadmap/roadmap/issues/3185) for more details on this change. If, after migrating to this version, you see 'Sprockets' related errors in your application you will need to rebuild you asset library. To do this run `bin/rails assets:clobber && bin/rails assets:precompile` from the project directory.
+
+All gem and JS dependencies were also updated via `bundle update && yarn upgrade`
+
+### Upgrade to Ruby 3
+
+- Upgrade to Ruby version 3.0.5 [#3225](https://github.com/DMPRoadmap/roadmap/issues/3225)
+- Bumped all Github actions to use ruby 3.0
+- Removed `.freeze` from Regex and Range constants since those types are already immutable
+- Fixed Rubocop complaint about redundancy of `r.nil? ? nil : r.user`, so changed it to `r&.user` in `app/models/plan.rb`
+- Fixed Rubocop complaint about redundant `::` in config.log_formatter = `::Logger::Formatter.new` in `config/environments/production.rb`
+- Froze `lib/deprecators/*.rb` constants that were Strings
+- Updated places that were incorrectly using keyword args. See [this article](https://makandracards.com/makandra/496481-changes-to-positional-and-keyword-args-in-ruby-3-0) for an overview
+
+#### Upgraded TinyMCE to v6
+
+- Upgraded TinyMCE to v6 (v5 EOL is April 20 2023)
+- Adjusted JS code to conform to new TinyMCE version
+- Adjusted views to work with the new version
+- Updated variables.scss file to fix issue with button text/background color contrast
+- Updated blocks/_tables.scss to fix issue with dropdown menu overlap against table
+- updated config/initializers/assets.rb to copy over the tinymce skins and bootstrap glyphicons to the public directory so that they are accessible by TinyMCE and Bootstrap code
+
+#### Removed webpacker gem
+
+As Webpacker is no longer maintained by the Rails community, we have replaced it by `jsbundling-rails` and `cssbundling-rails` for the Javascript & CSS compilation.
+
+- Removed `webpacker` gem
+- Added `jsbundling-rails`
+- Updated webpack and its configuration to V5
+- Moved `app/javascript/packs/application.js` to `app/javascript/application.js`
+- Removed `ruby-sass` gem
+- Added `cssbundling-rails` gem and DartSass JS library
+- Updated SASS stylesheets following the migration to the latest version of the `sass` package (See below).
+- Removed `font-awesome-sass` gem and used `@fortawesome/fontawesome-free` npm package
+- Issue with `@import 'font-awesome-sprockets';` line in `app/assets/stylesheets/application.scss`. Removed that line after referring to the latest font-awesome install/setup guide which no longer includes it.
+
+With the removal of Webpacker, the Javascript/SASS code is no longer automaticaly compiled when using the `rails server` command. It has been replaced by the `bin/dev` command that launch the rails server and the processes that watch for changes in the SASS and Javascript code.
+
+#### SASS update : removal of the `@import` keyword
+
+With the removal of the webpacker gem, the DartSass package has been installed to ensure the compilation of the Sass stylesheet and with it, an update to the Sass version used by the code :
+- `@import` keyword for custom stylesheets has been removed (although we can still import stylesheets from externals packages) and has been replaced by `@use` and `@forward`
+- An `_index.scss` file have to be created in folders containing multiple sass files. Each file have to be included in the index with the `@use` or `@forward` keyword.
+- In most cases `@import` can be replaced by `@use` when importing a file.
+- `@forward` makes mixins, functions and variables available when a stylesheet is loaded.
+- When imported, Sass variables are now namespaced with the file name in which they are declared (ex : `color: colors.$red`). A namespace can be renamed (ex : `@use "colours" as c;`) or removed when included (ex : `@use "colours" as *;`)
+- Sass variables are no longer declared globally and have to be included in files where they are used.
+For more detailed explanation, please refer to this video : https://www.youtube.com/watch?v=CR-a8upNjJ0
+
+### Introduction of RackAttack
+[Rack Attack](https://github.com/rack/rack-attack) is middleware that can be used to help protect the application from malicious activity. You can establish white/black lists for specific IP addresses and also define rate limits.
+
+- Using Rack-attack address vulnerabilities pointed out in password reset and login: there was no request rate limit.[#3214](https://github.com/DMPRoadmap/roadmap/issues/3214)
+
+### Cleanup of Capybara configuration
+- Cleaned up Gemfile by:
+  - removing gems that were already commented out
+  - removed selenium-webdriver and capybara-webmock
+  - removing version restrictions on: danger, font-awesome-sass, webdrivers
+- Cleaned up `spec/rails_helper.rb` and `spec/spec_helper.rb`
+- Simplified the `spec/support/capybara.rb` helper to work with the latest version of Capybara and use its built in headless Chrome driver
+
+### Rubocop updates
+- Installed rubocop-performance gem and made suggested changes
+- Added lib tasks as exclusive from debugger rubocop check after rubocop upgrading to >= v1.45 [#3291](https://github.com/DMPRoadmap/roadmap/issues/3291)
+
+### GitHub actions updates
+- Added node version specification (v16) to eslint, PostgreSQL and MySQL github action to eliminate `digital routine enveloped` error [#319](https://github.com/portagenetwork/roadmap/issues/319)
+
+### Enhancements
+- Added enum to the funding status attribute of plan model to make the dropdown of 'funding status' being translatable
+- Allow users to download both single phase and  in PDF, TEXT and DOCX format. CSV file can only download single phase instead of all phases.
+
 ## v4.0.2
 
 ### Added
-
 - Added CHANGELOG.md and Danger Github Action [#3257](https://github.com/DMPRoadmap/roadmap/issues/3257)
 - Added validation with custom error message in research_output.rb to ensure a user does not enter a very large value as 'Anticipated file size'. [#3161](https://github.com/DMPRoadmap/roadmap/issues/3161)
 - Added popover for org profile page and added explanation for public plan
-### Fixed
+- Fixed template visibility issues
+- Fix to research outputs byte size which was not allowing nil
 
-- Updated JS that used to call the TinyMCE `setMode()` function so that it now calls `mode.set()` because the former is now deprecated.
-- Patched an issue that was causing a template's visibility to change to 'organizationally_visible' when saving on the template details page.
+ - Added rack-attack version 6.6.1 gem. https://rubygems.org/gems/rack-attack/versions/6.6.1
+
+### Fixed
+- Fixed an issue that was preventing uses from leaving the research output byte_size field blank
+- Patched issue that was causing template visibility to default to organizationally visible after saving
 - Froze mail gem version [#3254](https://github.com/DMPRoadmap/roadmap/issues/3254)
-- Fixed an issue with the Rails 6 keyword arguments change that was causing the `paginable_sort_link` to fail
+- Updated the CSV export so that it now includes research outputs
 - Updated sans-serif font used in PDF downloads to Roboto since Google API no longer offers Helvetica
 - Fixed discrepencies with default/max per_page values for API and UI pagination
-- Updated the CSV export so that it now includes research outputs
+- Updated JS that used to call the TinyMCE `setMode()` function so that it now calls `mode.set()` because the former is now deprecated.
+- Patched an issue that was causing a template's visibility to change to 'organizationally_visible' when saving on the template details page.
+- Fixed an issue with the Rails 6 keyword arguments change that was causing the `paginable_sort_link` to fail
 
 ### Changed
 

Dangerfile

@@ -7,7 +7,8 @@ has_test_changes = !git.modified_files.grep(/spec/).empty?
 if git.lines_of_code > 50 && has_app_changes && !has_test_changes
   warn('There are code changes, but no corresponding tests. ' \
        'Please include tests if this PR introduces any modifications in ' \
-       'behavior.',
+       'behavior. \n
+       Ignore this warning if the PR ONLY contains translation.io synced updates.',
        sticky: false)
 end
 

Gemfile

@@ -17,19 +17,16 @@ gem 'rails', '~> 6.1'
 #       Analysis of the issue: https://www.theregister.com/2021/03/25/ruby_rails_code/
 gem 'mimemagic'
 
-# Use sqlite3 as the database for Active Record
-# gem 'sqlite3', '~> 1.4'
-
 # Use Puma as the app server
 gem 'puma', group: :puma, require: false
 
-# Use SCSS for stylesheets
-# TODO : might need to move to cssbundling-rails
-# SEE: https://dev.to/kolide/how-to-migrate-a-rails-6-app-from-sass-rails-to-cssbundling-rails-4l41
-gem 'sass-rails'
+# Use esbuild, rollup.js, or Webpack to bundle your JavaScript, then deliver it via the asset pipeline in Rails
+# Read more: https://github.com/rails/jsbundling-rails
+gem 'jsbundling-rails'
 
-# Transpile app-like JavaScript. Read more: https://github.com/rails/webpacker
-gem 'webpacker'
+# Use Tailwind CSS, Bootstrap, Bulma, PostCSS, or Dart Sass to bundle and process your CSS
+# Read more: https://github.com/rails/cssbundling-rails
+gem 'cssbundling-rails'
 
 # Turbo gives you the speed of a single-page web application without having to write any JavaScript..
 # Read more: https://github.com/hotwired/turbo-rails
@@ -137,6 +134,9 @@ gem 'jwt'
 # OO authorization for Rails (https://github.com/elabs/pundit)
 gem 'pundit'
 
+# Gem for throttling malicious attacks
+gem 'rack-attack', '~> 6.6', '>= 6.6.1'
+
 # ========== #
 # UI / VIEWS #
 # ========== #
@@ -184,23 +184,10 @@ gem 'api-pagination'
 # STYLESHEETS #
 # =========== #
 
-# Integrate SassC-Ruby into Rails. (https://github.com/sass/sassc-rails)
-gem 'sassc-rails'
-
-# Font-Awesome SASS (https://github.com/FortAwesome/font-awesome-sass)
-gem 'font-awesome-sass', '~> 5'
-
-# Use webpack to manage app-like JavaScript modules in Rails
-# (https://github.com/rails/webpacker)
-# gem "webpacker"
-
 # Parse CSS and add vendor prefixes to CSS rules using values from the Can
 # I Use website. (https://github.com/ai/autoprefixer-rails)
 gem 'autoprefixer-rails'
 
-# Minimal embedded v8 for Ruby (https://github.com/discourse/mini_racer)
-# gem "mini_racer"
-
 # ========= #
 # EXPORTING #
 # ========= #
@@ -293,11 +280,6 @@ group :test do
   # (http://github.com/bblimke/webmock)
   gem 'webmock'
 
-  # Code coverage for Ruby 1.9+ with a powerful configuration library and
-  # automatic merging of coverage across test suites
-  # (http://github.com/colszowka/simplecov)
-  # gem 'simplecov', require: false
-
   # Strategies for cleaning databases.  Can be used to ensure a clean state
   # for testing. (http://github.com/DatabaseCleaner/database_cleaner)
   gem 'database_cleaner', require: false
@@ -311,17 +293,9 @@ group :test do
 
   # Adds support for Capybara system testing and selenium driver
   gem 'capybara'
-  gem 'selenium-webdriver'
-  # Easy installation and use of web drivers to run system tests with browsers
-  gem 'webdrivers', '~> 5.2'
 
-  # Automatically create snapshots when Cucumber steps fail with Capybara
-  # and Rails (http://github.com/mattheworiordan/capybara-screenshot)
-  # gem 'capybara-screenshot'
-
-  # Browser integration tests are expensive. We can mock external requests
-  # in our tests, but once a browser is involved, we lose control.
-  gem 'capybara-webmock'
+  # Easy installation and use of web drivers to run system tests with browsers
+  gem 'webdrivers'
 
   # RSpec::CollectionMatchers lets you express expected outcomes on
   # collections of an object in an example.
@@ -335,7 +309,7 @@ group :test do
   gem 'rails-controller-testing'
 
   # automating code review
-  gem 'danger', '~> 9.0', require: false
+  gem 'danger'
 end
 
 group :ci, :development do