If you aren't signed in, you don't have an auth token.
When you don't have an auth token, React was sending the headers
"Authorization: Bearer null"
This caused 5 Doorkeeper token lookups using
WHERE "oauth_access_tokens"."token" = 'null'
on the Explore page (the root of the app when not signed in).
Rails won't even attempt to write to a replica. Without this option,
a write attempt would actually run against Postgres, and it would
be up to Postgres to throw a readonly error.
Additionally, marking it as a replica teaches ActiveRecord that it
should not attempt to run migrations against this connection.
https://api.rubyonrails.org/classes/ActiveRecord/DatabaseConfigurations.html#method-i-configs_for
I'm actually pretty sure that the lack of `replica: true`
is why there's currently a db/slave1_schema.rb and db/slave2_schema.rb
Anything in the &default section can be merged in using <<: *default
In this case, the default already specifies that the adapter is
postgresql, the timeout is 5000, the encoding is unicode. It also
already specified the db pool, but the default actually checked 2
different ENVs and provided a fallback if it's not provided.
Lastly, I was able to move the prepared_statements section to the
defaults, because the .env.vagrant file doesn't specify
ENV['PREPARED_STATEMENTS'], development still just sets it to
'false'.
• Updated:
- labels and hints in user registration form
- Made clear requirements for usernames
• Removed:
- question of "Are you human?" in the captcha label as people were answering "yes" in the input instead of the captcha value
- Added listen gem because rails app:update failed without it
- Removes nsa gem because it requires activesupport < 6
Oddly, there's a newer version per GitHub that's not on RubyGems
that raises the requirement to < 7. But, we need a new release
before we can use that.
- Upgrade rails-i18n to v6, for Rails 6 compatibility
- Remove redis-rails since it requires Rails < 6, but we can just use
the regular Rails :redis_cache_store that was introduced in 5.2.
- Run `rails app:update`
- Had to weed through the `config/environments` changes to pick up
newly added settings, while not losing settings that were
intentionally configured
- This generated config/initializers/new_framework_defaults_6_0.rb.
The goal is to uncomment all of the settings in that file. Once
they're all uncommented, delete the file and edit
config/application.rb's load_defaults to be 6.0.
- force_ssl controller method is deprecated in favor of a Rails
config setting.
- bin/setup was generated by Rails
- Verbose query logging in development is really helpful. It shows
you what line of code caused a query to execute.
- Calling establish_connection after worker boot isn't necessary
with ActiveRecord anymore. ActiveRecord handles it gracefully.
- Rails generated a migration to add a foreign key for ActiveStorage.
Gab currently doesn't use ActiveStorage, and instead uses Paperclip
(since ActiveStorage didn't exist when Mastadon started). So, this
change isn't relevant to Gab.
- Added ` || ''` in the profiles controller, because I was unable
to save a change to a newly created profile. (This probably
explains the 500 error I received on prod Gab recently.)
• Added:
- New Account filtering
- PreviewCard viewing/sorting/filtering deleting (todo)
- DeletePreviewCardWorker, Service
- Status viewing/sorting/filtering deleting
- ChatMessage viewing/sorting/filtering deleting (todo)
- Account > Follows view
• Updated:
- LinkBlock to sort alphabetically
- Groups to be under "Moderation" instead of "Admin" in navigation.rb
- Status in admin to have group name/link
- Reports reset button
- Group filtering/sorting
- LinkBlock filtering/sorting
- Account now has bio and few more data points in dashboard
• Updated:
- routes for admins dashboard (expenses, group categories, promotions, trending hashtags) that were in the /settings path but are now in the /admin path
- /filters to be in /settings/filters
• Removed:
- authorize_follow route
• Updated:
- rack_attack with few new limits: 20x1d chat conversation creates, 60x10m searches, un auth api 150x5m
- organized all throttles in file, added comments
new MediaAttachment video style :playable for mp4 to make videojs work with multiple files, hiding albums, hiding bookmark collections. may need tweaks on mediaattachment for mov and other formats : todo :