From 90cd2e0ba26f737b010247a809e57fadc73af835 Mon Sep 17 00:00:00 2001 From: Maikel Linke Date: Mon, 6 Oct 2025 12:51:07 +1100 Subject: [PATCH 1/8] Make log-level configurable in staging The new comment and code come from the Rails 8.0 default files. --- config/environments/production.rb | 4 +--- config/environments/staging.rb | 4 ++-- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/config/environments/production.rb b/config/environments/production.rb index 2bd5bc27bc..ff8394a821 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -68,9 +68,7 @@ Rails.application.configure do # Prepend all log lines with the following tags. config.log_tags = [:request_id] - # "info" includes generic and useful information about system operation, but avoids logging too much - # information to avoid inadvertent exposure of personally identifiable information (PII). If you - # want to log everything, set the level to "debug". + # Change to "debug" to log everything (including potentially personally-identifiable information!) config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info") # Use a different cache store in production. diff --git a/config/environments/staging.rb b/config/environments/staging.rb index 727598011c..b344d4446e 100644 --- a/config/environments/staging.rb +++ b/config/environments/staging.rb @@ -35,8 +35,8 @@ Openfoodnetwork::Application.configure do # Use https in email links config.action_mailer.default_url_options = { protocol: 'https' } - # Set log level (default is :debug in Rails 4) - config.log_level = :info + # Change to "debug" to log everything (including potentially personally-identifiable information!) + config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info") # Configure logging: config.log_formatter = Logger::Formatter.new.tap { |f| f.datetime_format = "%Y-%m-%d %H:%M:%S" } From 23b2c8e11b1c730c9742b06121a243983c46826b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Oct 2025 09:05:06 +0000 Subject: [PATCH 2/8] Bump jasmine-core from 5.11.0 to 5.12.0 Bumps [jasmine-core](https://github.com/jasmine/jasmine) from 5.11.0 to 5.12.0. - [Release notes](https://github.com/jasmine/jasmine/releases) - [Changelog](https://github.com/jasmine/jasmine/blob/main/RELEASE.md) - [Commits](https://github.com/jasmine/jasmine/compare/v5.11.0...v5.12.0) --- updated-dependencies: - dependency-name: jasmine-core dependency-version: 5.12.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index b353aef9b1..0f4c15128e 100644 --- a/package.json +++ b/package.json @@ -37,7 +37,7 @@ "webpack": "~4" }, "devDependencies": { - "jasmine-core": "~5.11.0", + "jasmine-core": "~5.12.0", "jest": "^27.4.7", "karma": "~6.4.4", "karma-chrome-launcher": "~3.2.0", diff --git a/yarn.lock b/yarn.lock index f98686d2c8..0e70f41507 100644 --- a/yarn.lock +++ b/yarn.lock @@ -5337,10 +5337,10 @@ istanbul-reports@^3.1.3: html-escaper "^2.0.0" istanbul-lib-report "^3.0.0" -jasmine-core@~5.11.0: - version "5.11.0" - resolved "https://registry.yarnpkg.com/jasmine-core/-/jasmine-core-5.11.0.tgz#1343e324a0148508511031a1d5fc0d4b7ee92446" - integrity sha512-MPJ8L5yyNul0F2SuEsLASwESXQjJvBXnKu31JWFyRZSvuv2B79K4GDWN3pSqvLheUNh7Fyb6dXwd4rsz95O2Kg== +jasmine-core@~5.12.0: + version "5.12.0" + resolved "https://registry.yarnpkg.com/jasmine-core/-/jasmine-core-5.12.0.tgz#a0cd016483756e9537ba354c52a4ec6d8e9e7951" + integrity sha512-QqO4pX33GEML5JoGQU6BM5NHKPgEsg+TXp3jCIDek9MbfEp2JUYEFBo9EF1+hegWy/bCHS1m5nP0BOp18G6rVA== jest-changed-files@^27.5.1: version "27.5.1" From 8942f3c72b629edc71c8dccbada9065d91c4a8f5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Oct 2025 09:05:35 +0000 Subject: [PATCH 3/8] Bump rails-i18n from 7.0.9 to 7.0.10 Bumps [rails-i18n](https://github.com/svenfuchs/rails-i18n) from 7.0.9 to 7.0.10. - [Changelog](https://github.com/svenfuchs/rails-i18n/blob/master/CHANGELOG.md) - [Commits](https://github.com/svenfuchs/rails-i18n/compare/v7.0.9...v7.0.10) --- updated-dependencies: - dependency-name: rails-i18n dependency-version: 7.0.10 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index e38da5e823..fc92ee9688 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -636,7 +636,7 @@ GEM rails-html-sanitizer (1.6.2) loofah (~> 2.21) nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0) - rails-i18n (7.0.9) + rails-i18n (7.0.10) i18n (>= 0.7, < 2) railties (>= 6.0.0, < 8) rails_safe_tasks (1.0.0) From e9a750ce6d4b703351ba1068fdfe0bfbf6e5ddbb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Oct 2025 09:06:17 +0000 Subject: [PATCH 4/8] Bump mime-types from 3.5.2 to 3.7.0 Bumps [mime-types](https://github.com/mime-types/ruby-mime-types) from 3.5.2 to 3.7.0. - [Changelog](https://github.com/mime-types/ruby-mime-types/blob/main/CHANGELOG.md) - [Commits](https://github.com/mime-types/ruby-mime-types/compare/v3.5.2...v3.7.0) --- updated-dependencies: - dependency-name: mime-types dependency-version: 3.7.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index e38da5e823..a31eefab57 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -466,9 +466,10 @@ GEM marcel (1.0.4) matrix (0.4.2) method_source (1.1.0) - mime-types (3.5.2) - mime-types-data (~> 3.2015) - mime-types-data (3.2023.1205) + mime-types (3.7.0) + logger + mime-types-data (~> 3.2025, >= 3.2025.0507) + mime-types-data (3.2025.0924) mimemagic (0.4.3) nokogiri (~> 1) rake From 286f05d05cc069d103c846920c587ba13963240b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Oct 2025 09:06:51 +0000 Subject: [PATCH 5/8] Bump undercover from 0.7.4 to 0.8.1 Bumps [undercover](https://github.com/grodowski/undercover) from 0.7.4 to 0.8.1. - [Release notes](https://github.com/grodowski/undercover/releases) - [Changelog](https://github.com/grodowski/undercover/blob/master/CHANGELOG.md) - [Commits](https://github.com/grodowski/undercover/compare/v0.7.4...v0.8.1) --- updated-dependencies: - dependency-name: undercover dependency-version: 0.8.1 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index e38da5e823..7667e0ca71 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -283,7 +283,7 @@ GEM devise (>= 4.0.0, < 5.0.0) diff-lcs (1.6.2) digest (3.1.1) - docile (1.4.0) + docile (1.4.1) dotenv (3.1.2) drb (2.2.3) em-http-request (1.1.7) @@ -541,7 +541,7 @@ GEM parallel (1.24.0) paranoia (2.6.3) activerecord (>= 5.1, < 7.2) - parser (3.3.8.0) + parser (3.3.9.0) ast (~> 2.4.1) racc paypal-sdk-core (0.3.4) @@ -800,7 +800,7 @@ GEM docile (~> 1.1) simplecov-html (~> 0.11) simplecov_json_formatter (~> 0.1) - simplecov-html (0.12.3) + simplecov-html (0.13.2) simplecov_json_formatter (0.1.4) spreadsheet_architect (5.0.0) caxlsx (>= 3.3.0, < 4) @@ -864,7 +864,7 @@ GEM turbo-rails (>= 1.3.0) tzinfo (2.0.6) concurrent-ruby (~> 1.0) - undercover (0.7.4) + undercover (0.8.1) base64 bigdecimal imagen (>= 0.2.0) From bb4b483469dec9c2216785453ed79db62f3bc9cc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 7 Oct 2025 19:44:09 +0000 Subject: [PATCH 6/8] Bump rack from 2.2.18 to 2.2.19 Bumps [rack](https://github.com/rack/rack) from 2.2.18 to 2.2.19. - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md) - [Commits](https://github.com/rack/rack/compare/v2.2.18...v2.2.19) --- updated-dependencies: - dependency-name: rack dependency-version: 2.2.19 dependency-type: indirect ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index e38da5e823..b842b62360 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -582,7 +582,7 @@ GEM railties (>= 4.2) raabro (1.4.0) racc (1.8.1) - rack (2.2.18) + rack (2.2.19) rack-mini-profiler (2.3.4) rack (>= 1.2.0) rack-oauth2 (2.2.1) From 5b383237ea7409c085440d199b69de11d297ee8c Mon Sep 17 00:00:00 2001 From: Maikel Linke Date: Wed, 1 Oct 2025 10:10:29 +1000 Subject: [PATCH 7/8] Deactivate Puffing Billy to avoid hanging specs --- spec/system/admin/enterprises/dfc_permissions_spec.rb | 4 ++++ spec/system/admin/enterprises/images_spec.rb | 4 +++- spec/system/billy_spec.rb | 4 ++++ spec/system/support/cuprite_setup.rb | 5 ++++- 4 files changed, 15 insertions(+), 2 deletions(-) diff --git a/spec/system/admin/enterprises/dfc_permissions_spec.rb b/spec/system/admin/enterprises/dfc_permissions_spec.rb index 14261c95fe..114b67871b 100644 --- a/spec/system/admin/enterprises/dfc_permissions_spec.rb +++ b/spec/system/admin/enterprises/dfc_permissions_spec.rb @@ -5,6 +5,10 @@ require "system_helper" RSpec.describe "DFC Permissions", feature: "cqcm-dev", vcr: true do let(:enterprise) { create(:enterprise) } + before do + skip "Puffing Billy seems to make our rspec processes hand at the end." + end + before do login_as enterprise.owner end diff --git a/spec/system/admin/enterprises/images_spec.rb b/spec/system/admin/enterprises/images_spec.rb index c2694a49f3..2ea28381d1 100644 --- a/spec/system/admin/enterprises/images_spec.rb +++ b/spec/system/admin/enterprises/images_spec.rb @@ -71,7 +71,9 @@ RSpec.describe "Managing enterprise images" do click_button "Confirm" end - expect(flash_message).to match(/Logo removed/) + # There's a race condition. + # Either of these messages can be observed. + expect(flash_message).to match /(Logo removed)|(Enterprise .* updated)/ within ".page-admin-enterprises-form__logo-field-group" do expect_no_preview_image diff --git a/spec/system/billy_spec.rb b/spec/system/billy_spec.rb index 251e827af8..a3ebc15931 100644 --- a/spec/system/billy_spec.rb +++ b/spec/system/billy_spec.rb @@ -3,6 +3,10 @@ require 'system_helper' RSpec.describe "Testing external scripts loaded in the browser" do + before do + skip "Puffing Billy seems to make our rspec processes hand at the end." + end + it "loads a website", :vcr do visit "http://deb.debian.org:80/debian/" expect(page).to have_content "Debian Archive" diff --git a/spec/system/support/cuprite_setup.rb b/spec/system/support/cuprite_setup.rb index 1d5c195b0c..0729f5f8d4 100644 --- a/spec/system/support/cuprite_setup.rb +++ b/spec/system/support/cuprite_setup.rb @@ -32,7 +32,10 @@ Capybara.register_driver(:cuprite_ofn) do |app| inspector: true, headless:, js_errors: true, - proxy: { host: Billy.proxy.host, port: Billy.proxy.port }, + # Puffing Billy seems to make our rspec processes hand at the end. + # Deactivating for now. + # + # proxy: { host: Billy.proxy.host, port: Billy.proxy.port }, ) end From 60ee33053dc3a1ba49d9c5a2d8936de7d1a5e759 Mon Sep 17 00:00:00 2001 From: David Cook Date: Wed, 8 Oct 2025 14:15:56 +1100 Subject: [PATCH 8/8] Apply suggestions from code review --- spec/system/admin/enterprises/dfc_permissions_spec.rb | 2 +- spec/system/billy_spec.rb | 2 +- spec/system/support/cuprite_setup.rb | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/spec/system/admin/enterprises/dfc_permissions_spec.rb b/spec/system/admin/enterprises/dfc_permissions_spec.rb index 114b67871b..5b7adcd716 100644 --- a/spec/system/admin/enterprises/dfc_permissions_spec.rb +++ b/spec/system/admin/enterprises/dfc_permissions_spec.rb @@ -6,7 +6,7 @@ RSpec.describe "DFC Permissions", feature: "cqcm-dev", vcr: true do let(:enterprise) { create(:enterprise) } before do - skip "Puffing Billy seems to make our rspec processes hand at the end." + skip "Puffing Billy seems to make our rspec processes hang at the end." end before do diff --git a/spec/system/billy_spec.rb b/spec/system/billy_spec.rb index a3ebc15931..da13cc5ceb 100644 --- a/spec/system/billy_spec.rb +++ b/spec/system/billy_spec.rb @@ -4,7 +4,7 @@ require 'system_helper' RSpec.describe "Testing external scripts loaded in the browser" do before do - skip "Puffing Billy seems to make our rspec processes hand at the end." + skip "Puffing Billy seems to make our rspec processes hang at the end." end it "loads a website", :vcr do diff --git a/spec/system/support/cuprite_setup.rb b/spec/system/support/cuprite_setup.rb index 0729f5f8d4..4c30325690 100644 --- a/spec/system/support/cuprite_setup.rb +++ b/spec/system/support/cuprite_setup.rb @@ -32,7 +32,7 @@ Capybara.register_driver(:cuprite_ofn) do |app| inspector: true, headless:, js_errors: true, - # Puffing Billy seems to make our rspec processes hand at the end. + # Puffing Billy seems to make our rspec processes hang at the end. # Deactivating for now. # # proxy: { host: Billy.proxy.host, port: Billy.proxy.port },