M .rubocop_todo.yml => .rubocop_todo.yml +1 -3
@@ 1,6 1,6 @@
# This configuration was generated by
# `rubocop --auto-gen-config --auto-gen-only-exclude --no-exclude-limit --no-offense-counts --no-auto-gen-timestamp`
-# using RuboCop version 1.52.1.
+# using RuboCop version 1.54.1.
# The point is for the user to remove these configuration records
# one by one as the offenses are removed from the code base.
# Note that changes in the inspected code, or installation of new
@@ 28,7 28,6 @@ Layout/ArgumentAlignment:
# SupportedLastArgumentHashStyles: always_inspect, always_ignore, ignore_implicit, ignore_explicit
Layout/HashAlignment:
Exclude:
- - 'config/boot.rb'
- 'config/environments/production.rb'
- 'config/initializers/rack_attack.rb'
- 'config/routes.rb'
@@ 254,7 253,6 @@ RSpec/HookArgument:
- 'spec/serializers/activitypub/note_serializer_spec.rb'
- 'spec/serializers/activitypub/update_poll_serializer_spec.rb'
- 'spec/services/import_service_spec.rb'
- - 'spec/spec_helper.rb'
# Configuration parameters: AssignmentOnly.
RSpec/InstanceVariable:
M Gemfile => Gemfile +2 -2
@@ 4,7 4,7 @@ source 'https://rubygems.org'
ruby '>= 3.0.0'
gem 'puma', '~> 6.3'
-gem 'rails', '~> 6.1.7'
+gem 'rails', '~> 7.0'
gem 'sprockets', '~> 3.7.2'
gem 'thor', '~> 1.2'
gem 'rack', '~> 2.2.7'
@@ 66,7 66,7 @@ gem 'pundit', '~> 2.3'
gem 'premailer-rails'
gem 'rack-attack', '~> 6.6'
gem 'rack-cors', '~> 2.0', require: 'rack/cors'
-gem 'rails-i18n', '~> 6.0'
+gem 'rails-i18n', '~> 7.0'
gem 'rails-settings-cached', '~> 0.6', git: 'https://github.com/mastodon/rails-settings-cached.git', branch: 'v0.6.6-aliases-true'
gem 'redcarpet', '~> 3.6'
gem 'redis', '~> 4.5', require: ['redis', 'redis/connection/hiredis']
M Gemfile.lock => Gemfile.lock +71 -63
@@ 18,40 18,47 @@ GIT
GEM
remote: https://rubygems.org/
specs:
- actioncable (6.1.7.4)
- actionpack (= 6.1.7.4)
- activesupport (= 6.1.7.4)
+ actioncable (7.0.6)
+ actionpack (= 7.0.6)
+ activesupport (= 7.0.6)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
- actionmailbox (6.1.7.4)
- actionpack (= 6.1.7.4)
- activejob (= 6.1.7.4)
- activerecord (= 6.1.7.4)
- activestorage (= 6.1.7.4)
- activesupport (= 6.1.7.4)
+ actionmailbox (7.0.6)
+ actionpack (= 7.0.6)
+ activejob (= 7.0.6)
+ activerecord (= 7.0.6)
+ activestorage (= 7.0.6)
+ activesupport (= 7.0.6)
mail (>= 2.7.1)
- actionmailer (6.1.7.4)
- actionpack (= 6.1.7.4)
- actionview (= 6.1.7.4)
- activejob (= 6.1.7.4)
- activesupport (= 6.1.7.4)
+ net-imap
+ net-pop
+ net-smtp
+ actionmailer (7.0.6)
+ actionpack (= 7.0.6)
+ actionview (= 7.0.6)
+ activejob (= 7.0.6)
+ activesupport (= 7.0.6)
mail (~> 2.5, >= 2.5.4)
+ net-imap
+ net-pop
+ net-smtp
rails-dom-testing (~> 2.0)
- actionpack (6.1.7.4)
- actionview (= 6.1.7.4)
- activesupport (= 6.1.7.4)
- rack (~> 2.0, >= 2.0.9)
+ actionpack (7.0.6)
+ actionview (= 7.0.6)
+ activesupport (= 7.0.6)
+ rack (~> 2.0, >= 2.2.4)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.2.0)
- actiontext (6.1.7.4)
- actionpack (= 6.1.7.4)
- activerecord (= 6.1.7.4)
- activestorage (= 6.1.7.4)
- activesupport (= 6.1.7.4)
+ actiontext (7.0.6)
+ actionpack (= 7.0.6)
+ activerecord (= 7.0.6)
+ activestorage (= 7.0.6)
+ activesupport (= 7.0.6)
+ globalid (>= 0.6.0)
nokogiri (>= 1.8.5)
- actionview (6.1.7.4)
- activesupport (= 6.1.7.4)
+ actionview (7.0.6)
+ activesupport (= 7.0.6)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
@@ 61,27 68,26 @@ GEM
activemodel (>= 4.1, < 7.1)
case_transform (>= 0.2)
jsonapi-renderer (>= 0.1.1.beta1, < 0.3)
- activejob (6.1.7.4)
- activesupport (= 6.1.7.4)
+ activejob (7.0.6)
+ activesupport (= 7.0.6)
globalid (>= 0.3.6)
- activemodel (6.1.7.4)
- activesupport (= 6.1.7.4)
- activerecord (6.1.7.4)
- activemodel (= 6.1.7.4)
- activesupport (= 6.1.7.4)
- activestorage (6.1.7.4)
- actionpack (= 6.1.7.4)
- activejob (= 6.1.7.4)
- activerecord (= 6.1.7.4)
- activesupport (= 6.1.7.4)
+ activemodel (7.0.6)
+ activesupport (= 7.0.6)
+ activerecord (7.0.6)
+ activemodel (= 7.0.6)
+ activesupport (= 7.0.6)
+ activestorage (7.0.6)
+ actionpack (= 7.0.6)
+ activejob (= 7.0.6)
+ activerecord (= 7.0.6)
+ activesupport (= 7.0.6)
marcel (~> 1.0)
mini_mime (>= 1.1.0)
- activesupport (6.1.7.4)
+ activesupport (7.0.6)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 1.6, < 2)
minitest (>= 5.1)
tzinfo (~> 2.0)
- zeitwerk (~> 2.3)
addressable (2.8.4)
public_suffix (>= 2.0.2, < 6.0)
aes_key_wrap (1.1.0)
@@ 167,7 173,7 @@ GEM
activesupport
cbor (0.5.9.6)
charlock_holmes (0.7.7)
- chewy (7.3.2)
+ chewy (7.3.3)
activesupport (>= 5.2)
elasticsearch (>= 7.12.0, < 7.14.0)
elasticsearch-dsl
@@ 373,6 379,7 @@ GEM
marcel (~> 1.0.1)
mime-types
terrapin (~> 0.6.0)
+ language_server-protocol (3.17.0.3)
launchy (2.5.2)
addressable (~> 2.8)
letter_opener (1.8.1)
@@ 508,21 515,20 @@ GEM
rack
rack-test (2.1.0)
rack (>= 1.3)
- rails (6.1.7.4)
- actioncable (= 6.1.7.4)
- actionmailbox (= 6.1.7.4)
- actionmailer (= 6.1.7.4)
- actionpack (= 6.1.7.4)
- actiontext (= 6.1.7.4)
- actionview (= 6.1.7.4)
- activejob (= 6.1.7.4)
- activemodel (= 6.1.7.4)
- activerecord (= 6.1.7.4)
- activestorage (= 6.1.7.4)
- activesupport (= 6.1.7.4)
+ rails (7.0.6)
+ actioncable (= 7.0.6)
+ actionmailbox (= 7.0.6)
+ actionmailer (= 7.0.6)
+ actionpack (= 7.0.6)
+ actiontext (= 7.0.6)
+ actionview (= 7.0.6)
+ activejob (= 7.0.6)
+ activemodel (= 7.0.6)
+ activerecord (= 7.0.6)
+ activestorage (= 7.0.6)
+ activesupport (= 7.0.6)
bundler (>= 1.15.0)
- railties (= 6.1.7.4)
- sprockets-rails (>= 2.0.0)
+ railties (= 7.0.6)
rails-controller-testing (1.0.5)
actionpack (>= 5.0.1.rc1)
actionview (>= 5.0.1.rc1)
@@ 533,15 539,16 @@ GEM
rails-html-sanitizer (1.6.0)
loofah (~> 2.21)
nokogiri (~> 1.14)
- rails-i18n (6.0.0)
+ rails-i18n (7.0.7)
i18n (>= 0.7, < 2)
- railties (>= 6.0.0, < 7)
- railties (6.1.7.4)
- actionpack (= 6.1.7.4)
- activesupport (= 6.1.7.4)
+ railties (>= 6.0.0, < 8)
+ railties (7.0.6)
+ actionpack (= 7.0.6)
+ activesupport (= 7.0.6)
method_source
rake (>= 12.2)
thor (~> 1.0)
+ zeitwerk (~> 2.5)
rainbow (3.1.1)
rake (13.0.6)
rdf (3.2.11)
@@ 589,8 596,9 @@ GEM
sidekiq (>= 2.4.0)
rspec-support (3.12.0)
rspec_chunked (0.6)
- rubocop (1.52.1)
+ rubocop (1.54.1)
json (~> 2.3)
+ language_server-protocol (>= 3.17.0)
parallel (~> 1.10)
parser (>= 3.2.2.3)
rainbow (>= 2.2.2, < 4.0)
@@ 688,7 696,7 @@ GEM
climate_control (>= 0.0.3, < 1.0)
thor (1.2.2)
tilt (2.2.0)
- timeout (0.3.2)
+ timeout (0.4.0)
tpm-key_attestation (0.12.0)
bindata (~> 2.4)
openssl (> 2.0)
@@ 839,9 847,9 @@ DEPENDENCIES
rack-attack (~> 6.6)
rack-cors (~> 2.0)
rack-test (~> 2.1)
- rails (~> 6.1.7)
+ rails (~> 7.0)
rails-controller-testing (~> 1.0)
- rails-i18n (~> 6.0)
+ rails-i18n (~> 7.0)
rails-settings-cached (~> 0.6)!
rdf-normalize (~> 0.5)
redcarpet (~> 3.6)
M app/controllers/api/v1/markers_controller.rb => app/controllers/api/v1/markers_controller.rb +4 -1
@@ 7,7 7,10 @@ class Api::V1::MarkersController < Api::BaseController
before_action :require_user!
def index
- @markers = current_user.markers.where(timeline: Array(params[:timeline])).index_by(&:timeline)
+ with_read_replica do
+ @markers = current_user.markers.where(timeline: Array(params[:timeline])).index_by(&:timeline)
+ end
+
render json: serialize_map(@markers)
end
M app/controllers/api/v1/notifications_controller.rb => app/controllers/api/v1/notifications_controller.rb +6 -2
@@ 9,8 9,12 @@ class Api::V1::NotificationsController < Api::BaseController
DEFAULT_NOTIFICATIONS_LIMIT = 40
def index
- @notifications = load_notifications
- render json: @notifications, each_serializer: REST::NotificationSerializer, relationships: StatusRelationshipsPresenter.new(target_statuses_from_notifications, current_user&.account_id)
+ with_read_replica do
+ @notifications = load_notifications
+ @relationships = StatusRelationshipsPresenter.new(target_statuses_from_notifications, current_user&.account_id)
+ end
+
+ render json: @notifications, each_serializer: REST::NotificationSerializer, relationships: @relationships
end
def show
M app/controllers/api/v1/timelines/home_controller.rb => app/controllers/api/v1/timelines/home_controller.rb +1 -1
@@ 6,7 6,7 @@ class Api::V1::Timelines::HomeController < Api::BaseController
after_action :insert_pagination_headers, unless: -> { @statuses.empty? }
def show
- ApplicationRecord.connected_to(role: :read, prevent_writes: true) do
+ with_read_replica do
@statuses = load_statuses
@relationships = StatusRelationshipsPresenter.new(@statuses, current_user&.account_id)
end
M app/controllers/application_controller.rb => app/controllers/application_controller.rb +1 -0
@@ 11,6 11,7 @@ class ApplicationController < ActionController::Base
include CacheConcern
include DomainControlHelper
include ThemingConcern
+ include DatabaseHelper
helper_method :current_account
helper_method :current_session
A app/helpers/database_helper.rb => app/helpers/database_helper.rb +11 -0
@@ 0,0 1,11 @@
+# frozen_string_literal: true
+
+module DatabaseHelper
+ def with_read_replica(&block)
+ ApplicationRecord.connected_to(role: :read, prevent_writes: true, &block)
+ end
+
+ def with_primary(&block)
+ ApplicationRecord.connected_to(role: :primary, &block)
+ end
+end
M app/helpers/domain_control_helper.rb => app/helpers/domain_control_helper.rb +1 -1
@@ 2,7 2,7 @@
module DomainControlHelper
def domain_not_allowed?(uri_or_domain)
- return if uri_or_domain.blank?
+ return false if uri_or_domain.blank?
domain = if uri_or_domain.include?('://')
Addressable::URI.parse(uri_or_domain).host
M app/lib/connection_pool/shared_connection_pool.rb => app/lib/connection_pool/shared_connection_pool.rb +1 -1
@@ 1,7 1,7 @@
# frozen_string_literal: true
require 'connection_pool'
-require_relative './shared_timed_stack'
+require_relative 'shared_timed_stack'
class ConnectionPool::SharedConnectionPool < ConnectionPool
def initialize(options = {}, &block)
M app/lib/inline_renderer.rb => app/lib/inline_renderer.rb +1 -1
@@ 37,7 37,7 @@ class InlineRenderer
private
def preload_associations_for_status
- ActiveRecord::Associations::Preloader.new.preload(@object, {
+ ActiveRecord::Associations::Preloader.new(records: @object, associations: {
active_mentions: :account,
reblog: {
M app/lib/request_pool.rb => app/lib/request_pool.rb +1 -1
@@ 1,6 1,6 @@
# frozen_string_literal: true
-require_relative './connection_pool/shared_connection_pool'
+require_relative 'connection_pool/shared_connection_pool'
class RequestPool
def self.current
M => +1 -1
@@ 16,7 16,7 @@ class RSS::Channel < RSS::Element
end
def last_build_date(date)
append_element('lastBuildDate', date.to_formatted_s(:rfc822))
append_element('lastBuildDate', date.to_fs(:rfc822))
end
def image(url, title, link)
M => +1 -1
@@ 20,7 20,7 @@ class RSS::Item < RSS::Element
end
def pub_date(date)
append_element('pubDate', date.to_formatted_s(:rfc822))
append_element('pubDate', date.to_fs(:rfc822))
end
def description(str)
M app/models/announcement.rb => app/models/announcement.rb +1 -1
@@ 80,7 80,7 @@ class Announcement < ApplicationRecord
end
end
- ActiveRecord::Associations::Preloader.new.preload(records, :custom_emoji)
+ ActiveRecord::Associations::Preloader.new(records: records, associations: :custom_emoji)
records
end
M app/models/concerns/account_search.rb => app/models/concerns/account_search.rb +2 -2
@@ 122,7 122,7 @@ module AccountSearch
tsquery = generate_query_for_search(terms)
find_by_sql([BASIC_SEARCH_SQL, { limit: limit, offset: offset, tsquery: tsquery }]).tap do |records|
- ActiveRecord::Associations::Preloader.new.preload(records, :account_stat)
+ ActiveRecord::Associations::Preloader.new(records: records, associations: :account_stat)
end
end
@@ 131,7 131,7 @@ module AccountSearch
sql_template = following ? ADVANCED_SEARCH_WITH_FOLLOWING : ADVANCED_SEARCH_WITHOUT_FOLLOWING
find_by_sql([sql_template, { id: account.id, limit: limit, offset: offset, tsquery: tsquery }]).tap do |records|
- ActiveRecord::Associations::Preloader.new.preload(records, :account_stat)
+ ActiveRecord::Associations::Preloader.new(records: records, associations: :account_stat)
end
end
M app/models/concerns/status_safe_reblog_insert.rb => app/models/concerns/status_safe_reblog_insert.rb +24 -24
@@ 4,41 4,41 @@ module StatusSafeReblogInsert
extend ActiveSupport::Concern
class_methods do
- # This is a hack to ensure that no reblogs of discarded statuses are created,
- # as this cannot be enforced through database constraints the same way we do
- # for reblogs of deleted statuses.
+ # This patch overwrites the built-in ActiveRecord `_insert_record` method to
+ # ensure that no reblogs of discarded statuses are created, as this cannot be
+ # enforced through DB constraints the same way as reblogs of deleted statuses
#
- # To achieve this, we redefine the internal method responsible for issuing
- # the "INSERT" statement and replace the "INSERT INTO ... VALUES ..." query
- # with an "INSERT INTO ... SELECT ..." query with a "WHERE deleted_at IS NULL"
- # clause on the reblogged status to ensure consistency at the database level.
+ # We redefine the internal method responsible for issuing the `INSERT`
+ # statement and replace the `INSERT INTO ... VALUES ...` query with an `INSERT
+ # INTO ... SELECT ...` query with a `WHERE deleted_at IS NULL` clause on the
+ # reblogged status to ensure consistency at the database level.
#
- # Otherwise, the code is kept as close as possible to ActiveRecord::Persistence
- # code, and actually calls it if we are not handling a reblog.
+ # The code is kept similar to ActiveRecord::Persistence code and calls it
+ # directly when we are not handling a reblog.
def _insert_record(values)
- return super unless values.is_a?(Hash) && values['reblog_of_id'].present?
+ return super unless values.is_a?(Hash) && values['reblog_of_id']&.value.present?
primary_key = self.primary_key
primary_key_value = nil
- if primary_key
- primary_key_value = values[primary_key]
-
- if !primary_key_value && prefetch_primary_key?
+ if prefetch_primary_key? && primary_key
+ values[primary_key] ||= begin
primary_key_value = next_sequence_value
- values[primary_key] = primary_key_value
+ _default_attributes[primary_key].with_cast_value(primary_key_value)
end
end
- # The following line is where we differ from stock ActiveRecord implementation
+ # The following line departs from stock ActiveRecord
+ # Original code was:
+ # im.insert(values.transform_keys { |name| arel_table[name] })
+ # Instead, we use a custom builder when a reblog is happening:
im = _compile_reblog_insert(values)
- # Since we are using SELECT instead of VALUES, a non-error `nil` return is possible.
- # For our purposes, it's equivalent to a foreign key constraint violation
- result = connection.insert(im, "#{self} Create", primary_key || false, primary_key_value)
- raise ActiveRecord::InvalidForeignKey, "(reblog_of_id)=(#{values['reblog_of_id']}) is not present in table \"statuses\"" if result.nil?
-
- result
+ connection.insert(im, "#{self} Create", primary_key || false, primary_key_value).tap do |result|
+ # Since we are using SELECT instead of VALUES, a non-error `nil` return is possible.
+ # For our purposes, it's equivalent to a foreign key constraint violation
+ raise ActiveRecord::InvalidForeignKey, "(reblog_of_id)=(#{values['reblog_of_id'].value}) is not present in table \"statuses\"" if result.nil?
+ end
end
def _compile_reblog_insert(values)
@@ 54,9 54,9 @@ module StatusSafeReblogInsert
binds = []
reblog_bind = nil
- values.each do |name, value|
+ values.each do |name, attribute|
attr = arel_table[name]
- bind = predicate_builder.build_bind_attribute(attr.name, value)
+ bind = predicate_builder.build_bind_attribute(attr.name, attribute.value)
im.columns << attr
binds << bind
M app/models/notification.rb => app/models/notification.rb +1 -1
@@ 111,7 111,7 @@ class Notification < ApplicationRecord
# Instead of using the usual `includes`, manually preload each type.
# If polymorphic associations are loaded with the usual `includes`, other types of associations will be loaded more.
- ActiveRecord::Associations::Preloader.new.preload(grouped_notifications, associations)
+ ActiveRecord::Associations::Preloader.new(records: grouped_notifications, associations: associations)
end
unique_target_statuses = notifications.filter_map(&:target_status).uniq
M app/serializers/initial_state_serializer.rb => app/serializers/initial_state_serializer.rb +4 -1
@@ 100,7 100,10 @@ class InitialStateSerializer < ActiveModel::Serializer
def accounts
store = {}
- ActiveRecord::Associations::Preloader.new.preload([object.current_account, object.admin, object.owner, object.disabled_account, object.moved_to_account].compact, [:account_stat, :user, { moved_to_account: [:account_stat, :user] }])
+ ActiveRecord::Associations::Preloader.new(
+ records: [object.current_account, object.admin, object.owner, object.disabled_account, object.moved_to_account].compact,
+ associations: [:account_stat, :user, { moved_to_account: [:account_stat, :user] }]
+ )
store[object.current_account.id.to_s] = ActiveModelSerializers::SerializableResource.new(object.current_account, serializer: REST::AccountSerializer) if object.current_account
store[object.admin.id.to_s] = ActiveModelSerializers::SerializableResource.new(object.admin, serializer: REST::AccountSerializer) if object.admin
M app/services/account_search_service.rb => app/services/account_search_service.rb +1 -1
@@ 93,7 93,7 @@ class AccountSearchService < BaseService
.objects
.compact
- ActiveRecord::Associations::Preloader.new.preload(records, :account_stat)
+ ActiveRecord::Associations::Preloader.new(records: records, associations: :account_stat)
records
rescue Faraday::ConnectionFailed, Parslet::ParseFailed
M app/services/batched_remove_status_service.rb => app/services/batched_remove_status_service.rb +8 -2
@@ 8,7 8,10 @@ class BatchedRemoveStatusService < BaseService
# @param [Hash] options
# @option [Boolean] :skip_side_effects Do not modify feeds and send updates to streaming API
def call(statuses, **options)
- ActiveRecord::Associations::Preloader.new.preload(statuses, options[:skip_side_effects] ? :reblogs : [:account, :tags, reblogs: :account])
+ ActiveRecord::Associations::Preloader.new(
+ records: statuses,
+ associations: options[:skip_side_effects] ? :reblogs : [:account, :tags, reblogs: :account]
+ )
statuses_and_reblogs = statuses.flat_map { |status| [status] + status.reblogs }
@@ 17,7 20,10 @@ class BatchedRemoveStatusService < BaseService
# rely on direct visibility statuses being relatively rare.
statuses_with_account_conversations = statuses.select(&:direct_visibility?)
- ActiveRecord::Associations::Preloader.new.preload(statuses_with_account_conversations, [mentions: :account])
+ ActiveRecord::Associations::Preloader.new(
+ records: statuses_with_account_conversations,
+ associations: [mentions: :account]
+ )
statuses_with_account_conversations.each do |status|
status.unlink_from_conversations!
M app/views/admin/trends/links/preview_card_providers/index.html.haml => app/views/admin/trends/links/preview_card_providers/index.html.haml +1 -1
@@ 26,7 26,7 @@
- Trends::PreviewCardProviderFilter::KEYS.each do |key|
= hidden_field_tag key, params[key] if params[key].present?
- .batch-table.optional
+ .batch-table
.batch-table__toolbar
%label.batch-table__toolbar__select.batch-checkbox-all
= check_box_tag :batch_checkbox_all, nil, false
M app/workers/feed_insert_worker.rb => app/workers/feed_insert_worker.rb +3 -2
@@ 2,9 2,10 @@
class FeedInsertWorker
include Sidekiq::Worker
+ include DatabaseHelper
def perform(status_id, id, type = 'home', options = {})
- ApplicationRecord.connected_to(role: :primary) do
+ with_primary do
@type = type.to_sym
@status = Status.find(status_id)
@options = options.symbolize_keys
@@ 20,7 21,7 @@ class FeedInsertWorker
end
end
- ApplicationRecord.connected_to(role: :read, prevent_writes: true) do
+ with_read_replica do
check_and_insert
end
rescue ActiveRecord::RecordNotFound
M app/workers/merge_worker.rb => app/workers/merge_worker.rb +3 -2
@@ 3,14 3,15 @@
class MergeWorker
include Sidekiq::Worker
include Redisable
+ include DatabaseHelper
def perform(from_account_id, into_account_id)
- ApplicationRecord.connected_to(role: :primary) do
+ with_primary do
@from_account = Account.find(from_account_id)
@into_account = Account.find(into_account_id)
end
- ApplicationRecord.connected_to(role: :read, prevent_writes: true) do
+ with_read_replica do
FeedManager.instance.merge_into_home(@from_account, @into_account)
end
rescue ActiveRecord::RecordNotFound
M app/workers/regeneration_worker.rb => app/workers/regeneration_worker.rb +3 -2
@@ 2,15 2,16 @@
class RegenerationWorker
include Sidekiq::Worker
+ include DatabaseHelper
sidekiq_options lock: :until_executed
def perform(account_id, _ = :home)
- ApplicationRecord.connected_to(role: :primary) do
+ with_primary do
@account = Account.find(account_id)
end
- ApplicationRecord.connected_to(role: :read, prevent_writes: true) do
+ with_read_replica do
PrecomputeFeedService.new.call(@account)
end
rescue ActiveRecord::RecordNotFound
M app/workers/unmerge_worker.rb => app/workers/unmerge_worker.rb +3 -2
@@ 2,16 2,17 @@
class UnmergeWorker
include Sidekiq::Worker
+ include DatabaseHelper
sidekiq_options queue: 'pull'
def perform(from_account_id, into_account_id)
- ApplicationRecord.connected_to(role: :primary) do
+ with_primary do
@from_account = Account.find(from_account_id)
@into_account = Account.find(into_account_id)
end
- ApplicationRecord.connected_to(role: :read, prevent_writes: true) do
+ with_read_replica do
FeedManager.instance.unmerge_from_home(@from_account, @into_account)
end
rescue ActiveRecord::RecordNotFound
M config/application.rb => config/application.rb +9 -1
@@ 60,7 60,15 @@ require_relative '../lib/mastodon/redis_config'
module Mastodon
class Application < Rails::Application
# Initialize configuration defaults for originally generated Rails version.
- config.load_defaults 6.1
+ config.load_defaults 7.0
+
+ # TODO: Release a version which uses the 7.0 defaults as specified above,
+ # but preserves the 6.1 cache format as set below. In a subsequent change,
+ # remove this line setting to 6.1 cache format, and then release another version.
+ # https://guides.rubyonrails.org/upgrading_ruby_on_rails.html#new-activesupport-cache-serialization-format
+ # https://github.com/mastodon/mastodon/pull/24241#discussion_r1162890242
+ config.active_support.cache_format_version = 6.1
+
config.add_autoload_paths_to_load_path = false
# Settings in config/environments/* take precedence over those specified here.
M config/environments/development.rb => config/environments/development.rb +29 -9
@@ 1,10 1,12 @@
# frozen_string_literal: true
+require 'active_support/core_ext/integer/time'
+
Rails.application.configure do
# Settings specified here will take precedence over those in config/application.rb.
- # In the development environment your application's code is reloaded on
- # every request. This slows down response time but is perfect for development
+ # In the development environment your application's code is reloaded any time
+ # it changes. This slows down response time but is perfect for development
# since you don't have to restart the web server when you make code changes.
config.cache_classes = false
@@ 14,13 16,22 @@ Rails.application.configure do
# Show full error reports.
config.consider_all_requests_local = true
+ # Enable server timing
+ config.server_timing = true
+
# Enable/disable caching. By default caching is disabled.
# Run rails dev:cache to toggle caching.
if Rails.root.join('tmp', 'caching-dev.txt').exist?
config.action_controller.perform_caching = true
+ config.action_controller.enable_fragment_cache_logging = true
+
config.cache_store = :redis_cache_store, REDIS_CACHE_PARAMS
+ config.public_file_server.headers = {
+ 'Cache-Control' => "public, max-age=#{2.days.to_i}",
+ }
else
config.action_controller.perform_caching = false
+
config.cache_store = :null_store
end
@@ 43,12 54,19 @@ Rails.application.configure do
# Print deprecation notices to the Rails logger.
config.active_support.deprecation = :log
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
# Raise an error on page load if there are pending migrations.
config.active_record.migration_error = :page_load
+ # Highlight code that triggered database queries in logs.
+ config.active_record.verbose_query_logs = true
+
# Debug mode disables concatenation and preprocessing of assets.
- # This option may cause significant delays in view rendering with a large
- # number of complex assets.
config.assets.debug = true
# Suppress logger output for asset requests.
@@ 59,12 77,14 @@ Rails.application.configure do
# Raises helpful error messages.
config.assets.raise_runtime_errors = true
- # Raises error for missing translations
- # config.action_view.raise_on_missing_translations = true
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
- # Use an evented file watcher to asynchronously detect changes in source code,
- # routes, locales, etc. This feature depends on the listen gem.
- # config.file_watcher = ActiveSupport::EventedFileUpdateChecker
+ # Uncomment if you wish to allow Action Cable access from any origin.
+ # config.action_cable.disable_request_forgery_protection = true
config.action_mailer.default_options = { from: 'notifications@localhost' }
M config/environments/production.rb => config/environments/production.rb +27 -4
@@ 1,5 1,7 @@
# frozen_string_literal: true
+require "active_support/core_ext/integer/time"
+
Rails.application.configure do
# Settings specified here will take precedence over those in config/application.rb.
@@ 21,20 23,24 @@ Rails.application.configure do
# or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
# config.require_master_key = true
- ActiveSupport::Logger.new(STDOUT).tap do |logger|
- logger.formatter = config.log_formatter
- config.logger = ActiveSupport::TaggedLogging.new(logger)
- end
+ # Compress CSS using a preprocessor.
+ # config.assets.css_compressor = :sass
# Do not fallback to assets pipeline if a precompiled asset is missed.
config.assets.compile = false
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+ # config.asset_host = "http://assets.example.com"
+
# Specifies the header that your server uses for sending files.
config.action_dispatch.x_sendfile_header = ENV['SENDFILE_HEADER'] if ENV['SENDFILE_HEADER'].present?
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
+ # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
# Allow to specify public IP of reverse proxy if it's needed
config.action_dispatch.trusted_proxies = ENV['TRUSTED_PROXY_IP'].split(/(?:\s*,\s*|\s+)/).map { |item| IPAddr.new(item) } if ENV['TRUSTED_PROXY_IP'].present?
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
config.force_ssl = true
config.ssl_options = {
redirect: {
@@ 42,6 48,8 @@ Rails.application.configure do
}
}
+ # Include generic and useful information about system operation, but avoid logging too much
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
# Use the lowest log level to ensure availability of diagnostic information
# when problems arise.
config.log_level = ENV.fetch('RAILS_LOG_LEVEL', 'info').to_sym
@@ 52,6 60,12 @@ Rails.application.configure do
# Use a different cache store in production.
config.cache_store = :redis_cache_store, REDIS_CACHE_PARAMS
+ # Use a real queuing backend for Active Job (and separate queues per environment).
+ # config.active_job.queue_adapter = :resque
+ # config.active_job.queue_name_prefix = "mastodon_production"
+
+ config.action_mailer.perform_caching = false
+
# Ignore bad email addresses and do not raise email delivery errors.
# Set this to true and configure the email server for immediate delivery to raise delivery errors.
# config.action_mailer.raise_delivery_errors = false
@@ 75,6 89,15 @@ Rails.application.configure do
end
end
+ # Use a different logger for distributed setups.
+ # require "syslog/logger"
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
+
+ ActiveSupport::Logger.new(STDOUT).tap do |logger|
+ logger.formatter = config.log_formatter
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
+ end
+
# Do not dump schema after migrations.
config.active_record.dump_schema_after_migration = false
M config/environments/test.rb => config/environments/test.rb +25 -14
@@ 1,27 1,28 @@
# frozen_string_literal: true
+require 'active_support/core_ext/integer/time'
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
Rails.application.configure do
# Settings specified here will take precedence over those in config/application.rb.
- # The test environment is used exclusively to run your application's
- # test suite. You never need to work with it otherwise. Remember that
- # your test database is "scratch space" for the test suite and is wiped
- # and recreated between test runs. Don't rely on the data there!
+ # Turn false under Spring and add config.action_view.cache_template_loading = true.
config.cache_classes = true
- # Do not eager load code on boot. This avoids loading your whole application
- # just for the purpose of running a single test. If you are using a tool that
- # preloads Rails for running tests, you may have to set it to true.
- config.eager_load = false
+ # Eager loading loads your whole application. When running a single test locally,
+ # this probably isn't necessary. It's a good idea to do in a continuous integration
+ # system, or in some way before deploying your code.
+ config.eager_load = ENV['CI'].present?
- config.assets.digest = false
+ config.assets_digest = false
# Show full error reports and disable caching.
config.consider_all_requests_local = true
config.action_controller.perform_caching = false
-
- # The default store, file_store is shared by processes parallelly executed
- # and should not be used.
config.cache_store = :memory_store
# Raise exceptions instead of rendering exception templates.
@@ 29,6 30,7 @@ Rails.application.configure do
# Disable request forgery protection in test environment.
config.action_controller.allow_forgery_protection = false
+
config.action_mailer.perform_caching = false
config.action_mailer.default_options = { from: 'notifications@localhost' }
@@ 48,8 50,8 @@ Rails.application.configure do
config.x.vapid_private_key = vapid_key.private_key
config.x.vapid_public_key = vapid_key.public_key
- # Raises error for missing translations
- # config.action_view.raise_on_missing_translations = true
+ # Raise exceptions for disallowed deprecations.
+ config.active_support.disallowed_deprecation = :raise
config.i18n.default_locale = :en
config.i18n.fallbacks = true
@@ 59,6 61,15 @@ Rails.application.configure do
# Ref: https://github.com/mastodon/mastodon/issues/23644
10.times { |i| Status.allocate.instance_variable_set(:"@ivar_#{i}", nil) }
end
+
+ # Tell Active Support which deprecation messages to disallow.
+ config.active_support.disallowed_deprecation_warnings = []
+
+ # Raises error for missing translations.
+ # config.i18n.raise_on_missing_translations = true
+
+ # Annotate rendered view with file names.
+ # config.action_view.annotate_rendered_view_with_filenames = true
end
Paperclip::Attachment.default_options[:path] = Rails.root.join('spec', 'test_files', ':class', ':id_partition', ':style.:extension')
M config/initializers/assets.rb => config/initializers/assets.rb +5 -4
@@ 5,11 5,12 @@
# Version of your assets, change this if you want to expire all your assets.
Rails.application.config.assets.version = '1.0'
-# Add additional assets to the asset load path
-# Rails.application.config.assets.paths << 'node_modules'
+# Add additional assets to the asset load path.
+# Rails.application.config.assets.paths << Emoji.images_path
# Precompile additional assets.
-# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
-# Rails.application.config.assets.precompile += %w()
+# application.js, application.css, and all non-JS/CSS in the app/assets
+# folder are already added.
+# Rails.application.config.assets.precompile += %w( admin.js admin.css )
Rails.application.config.assets.initialize_on_precompile = true
A config/initializers/cookie_rotator.rb => config/initializers/cookie_rotator.rb +21 -0
@@ 0,0 1,21 @@
+# frozen_string_literal: true
+
+Rails.application.config.after_initialize do
+ Rails.application.config.action_dispatch.cookies_rotations.tap do |cookies|
+ authenticated_encrypted_cookie_salt = Rails.application.config.action_dispatch.authenticated_encrypted_cookie_salt
+ signed_cookie_salt = Rails.application.config.action_dispatch.signed_cookie_salt
+
+ secret_key_base = Rails.application.secret_key_base
+
+ key_generator = ActiveSupport::KeyGenerator.new(
+ secret_key_base, iterations: 1000, hash_digest_class: OpenSSL::Digest::SHA1
+ )
+ key_len = ActiveSupport::MessageEncryptor.key_len
+
+ old_encrypted_secret = key_generator.generate_key(authenticated_encrypted_cookie_salt, key_len)
+ old_signed_secret = key_generator.generate_key(signed_cookie_salt)
+
+ cookies.rotate :encrypted, old_encrypted_secret
+ cookies.rotate :signed, old_signed_secret
+ end
+end
M config/initializers/filter_parameter_logging.rb => config/initializers/filter_parameter_logging.rb +6 -2
@@ 2,5 2,9 @@
# Be sure to restart your server when you modify this file.
-# Configure sensitive parameters which will be filtered from the log file.
-Rails.application.config.filter_parameters += [:password, :private_key, :public_key, :otp_attempt]
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+ :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
A config/initializers/new_framework_defaults_7_0.rb => config/initializers/new_framework_defaults_7_0.rb +10 -0
@@ 0,0 1,10 @@
+# frozen_string_literal: true
+
+# TODO
+# The Rails 7.0 framework default here is to set this true. However, we have a
+# location in devise that redirects where we don't have an easy ability to
+# override a method or set a config option, but where the redirect does not
+# provide this option.
+# https://github.com/heartcombo/devise/blob/v4.9.2/app/controllers/devise/confirmations_controller.rb#L28
+# Once a solution is found, this line can be removed.
+Rails.application.config.action_controller.raise_on_open_redirects = false
M db/schema.rb => db/schema.rb +1 -1
@@ 10,7 10,7 @@
#
# It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 2023_07_02_151753) do
+ActiveRecord::Schema[6.1].define(version: 2023_07_02_151753) do
# These are extensions that must be enabled in order to support this database
enable_extension "plpgsql"
M package.json => package.json +1 -1
@@ 44,7 44,7 @@
"@formatjs/intl-pluralrules": "^5.2.2",
"@gamestdio/websocket": "^0.3.2",
"@github/webauthn-json": "^2.1.1",
- "@rails/ujs": "^6.1.7",
+ "@rails/ujs": "^7.0.6",
"@reduxjs/toolkit": "^1.9.5",
"abortcontroller-polyfill": "^1.7.5",
"atrament": "0.2.4",
M yarn.lock => yarn.lock +29 -30
@@ 1754,10 1754,10 @@
resolved "https://registry.yarnpkg.com/@popperjs/core/-/core-2.11.8.tgz#6b79032e760a0899cd4204710beede972a3a185f"
integrity sha512-P1st0aksCrn9sGZhp8GMYwBnQsbvAWsZAX44oXNNvLHGqAOcoVxmjZiohstwQ7SqKnbR47akdNi+uleWD8+g6A==
-"@rails/ujs@^6.1.7":
- version "6.1.7"
- resolved "https://registry.yarnpkg.com/@rails/ujs/-/ujs-6.1.7.tgz#b09dc5b2105dd267e8374c47e4490240451dc7f6"
- integrity sha512-0e7WQ4LE/+LEfW2zfAw9ppsB6A8RmxbdAUPAF++UT80epY+7emuQDkKXmaK0a9lp6An50RvzezI0cIQjp1A58w==
+"@rails/ujs@^7.0.6":
+ version "7.0.6"
+ resolved "https://registry.yarnpkg.com/@rails/ujs/-/ujs-7.0.6.tgz#fd8937c92335f3da9495e07292511ad5f7547a6a"
+ integrity sha512-s5v3AC6AywOIFMz0RIMW83Xc8FPIvKMkP3ZHFlM4ISNkhdUwP9HdhVtxxo6z3dIhe9vI0Our2A8kN/QpUV02Qg==
"@redis/bloom@1.2.0":
version "1.2.0"
@@ 4138,9 4138,9 @@ core-js@^2.5.0:
integrity sha512-Kb2wC0fvsWfQrgk8HU5lW6U/Lcs8+9aaYcy4ZFc6DDlo4nZ7n70dEgE5rtR0oG6ufKDUnrwfWL1mXR5ljDatrQ==
core-js@^3.30.2:
- version "3.31.0"
- resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.31.0.tgz#4471dd33e366c79d8c0977ed2d940821719db344"
- integrity sha512-NIp2TQSGfR6ba5aalZD+ZQ1fSxGhDo/s1w0nx3RYzf2pnJxt7YynxFlFScP6eV7+GZsKO95NSjGxyJsU3DZgeQ==
+ version "3.31.1"
+ resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.31.1.tgz#f2b0eea9be9da0def2c5fece71064a7e5d687653"
+ integrity sha512-2sKLtfq1eFST7l7v62zaqXacPc7uG8ZAya8ogijLhTtaKNcpzpB4TMoTw2Si+8GYKRwFPMMtUT0263QFWFfqyQ==
core-util-is@~1.0.0:
version "1.0.3"
@@ 5908,15 5908,15 @@ glob-parent@^6.0.2:
is-glob "^4.0.3"
glob@^10.2.5, glob@^10.2.6:
- version "10.3.0"
- resolved "https://registry.yarnpkg.com/glob/-/glob-10.3.0.tgz#763d02a894f3cdfc521b10bbbbc8e0309e750cce"
- integrity sha512-AQ1/SB9HH0yCx1jXAT4vmCbTOPe5RQ+kCurjbel5xSCGhebumUv+GJZfa1rEqor3XIViqwSEmlkZCQD43RWrBg==
+ version "10.3.3"
+ resolved "https://registry.yarnpkg.com/glob/-/glob-10.3.3.tgz#8360a4ffdd6ed90df84aa8d52f21f452e86a123b"
+ integrity sha512-92vPiMb/iqpmEgsOoIDvTjc50wf9CCCvMzsi6W0JLPeUKE8TWP1a73PgqSrqy7iAZxaSD1YdzU7QZR5LF51MJw==
dependencies:
foreground-child "^3.1.0"
jackspeak "^2.0.3"
minimatch "^9.0.1"
- minipass "^5.0.0 || ^6.0.2"
- path-scurry "^1.7.0"
+ minipass "^5.0.0 || ^6.0.2 || ^7.0.0"
+ path-scurry "^1.10.1"
glob@^7.0.3, glob@^7.1.1, glob@^7.1.3, glob@^7.1.4, glob@^7.1.6:
version "7.2.3"
@@ 7845,10 7845,10 @@ lru-cache@^6.0.0:
dependencies:
yallist "^4.0.0"
-lru-cache@^9.1.1:
- version "9.1.2"
- resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-9.1.2.tgz#255fdbc14b75589d6d0e73644ca167a8db506835"
- integrity sha512-ERJq3FOzJTxBbFjZ7iDs+NiK4VI9Wz+RdrrAB8dio1oV+YvdPzUEE4QNiT2VD51DkIbCYRUUzCRkssXCHqSnKQ==
+"lru-cache@^9.1.1 || ^10.0.0":
+ version "10.0.0"
+ resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-10.0.0.tgz#b9e2a6a72a129d81ab317202d93c7691df727e61"
+ integrity sha512-svTf/fzsKHffP42sujkO/Rjs37BCIsQVRCeNYIm9WN8rgT7ffoUnRtZCqU+6BqcSBdv8gwJeTz8knJpgACeQMw==
lz-string@^1.5.0:
version "1.5.0"
@@ 8109,9 8109,9 @@ minimatch@^5.0.1:
brace-expansion "^2.0.1"
minimatch@^9.0.1:
- version "9.0.2"
- resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-9.0.2.tgz#397e387fff22f6795844d00badc903a3d5de7057"
- integrity sha512-PZOT9g5v2ojiTL7r1xF6plNHLtOeTpSlDI007As2NlA2aYBMfVom17yqa6QzhmDP8QOhn7LjHTg7DFCVSSa6yg==
+ version "9.0.3"
+ resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-9.0.3.tgz#a6e00c3de44c3a542bfaae70abfc22420a6da825"
+ integrity sha512-RHiac9mvaRw0x3AYRgDC1CxAP7HTcNrrECeA8YYJeWnpo+2Q5CegtZjaotWTWxDG3UeGA1coE05iH1mPjT/2mg==
dependencies:
brace-expansion "^2.0.1"
@@ 8162,10 8162,10 @@ minipass@^5.0.0:
resolved "https://registry.yarnpkg.com/minipass/-/minipass-5.0.0.tgz#3e9788ffb90b694a5d0ec94479a45b5d8738133d"
integrity sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==
-"minipass@^5.0.0 || ^6.0.2":
- version "6.0.2"
- resolved "https://registry.yarnpkg.com/minipass/-/minipass-6.0.2.tgz#542844b6c4ce95b202c0995b0a471f1229de4c81"
- integrity sha512-MzWSV5nYVT7mVyWCwn2o7JH13w2TBRmmSqSRCKzTw+lmft9X4z+3wjvs06Tzijo5z4W/kahUCDpRXTF+ZrmF/w==
+"minipass@^5.0.0 || ^6.0.2 || ^7.0.0":
+ version "7.0.2"
+ resolved "https://registry.yarnpkg.com/minipass/-/minipass-7.0.2.tgz#58a82b7d81c7010da5bd4b2c0c85ac4b4ec5131e"
+ integrity sha512-eL79dXrE1q9dBbDCLg7xfn/vl7MS4F1gvJAgjJrQli/jbQWdUttuVawphqpffoIYfRdq78LHx6GP4bU/EQ2ATA==
minizlib@^2.1.1:
version "2.1.2"
@@ 8780,13 8780,13 @@ path-parse@^1.0.7:
resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735"
integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==
-path-scurry@^1.7.0:
- version "1.9.2"
- resolved "https://registry.yarnpkg.com/path-scurry/-/path-scurry-1.9.2.tgz#90f9d296ac5e37e608028e28a447b11d385b3f63"
- integrity sha512-qSDLy2aGFPm8i4rsbHd4MNyTcrzHFsLQykrtbuGRknZZCBBVXSv2tSCDN2Cg6Rt/GFRw8GoW9y9Ecw5rIPG1sg==
+path-scurry@^1.10.1:
+ version "1.10.1"
+ resolved "https://registry.yarnpkg.com/path-scurry/-/path-scurry-1.10.1.tgz#9ba6bf5aa8500fe9fd67df4f0d9483b2b0bfc698"
+ integrity sha512-MkhCqzzBEpPvxxQ71Md0b1Kk51W01lrYvlMzSUaIzNsODdd7mqhiimSZlr+VegAz5Z6Vzt9Xg2ttE//XBhH3EQ==
dependencies:
- lru-cache "^9.1.1"
- minipass "^5.0.0 || ^6.0.2"
+ lru-cache "^9.1.1 || ^10.0.0"
+ minipass "^5.0.0 || ^6.0.2 || ^7.0.0"
path-to-regexp@0.1.7:
version "0.1.7"
@@ 10916,7 10916,6 @@ stringz@^2.1.0:
char-regex "^1.0.2"
"strip-ansi-cjs@npm:strip-ansi@^6.0.1", strip-ansi@^6.0.0, strip-ansi@^6.0.1:
- name strip-ansi-cjs
version "6.0.1"
resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-6.0.1.tgz#9e26c63d30f53443e9489495b2105d37b67a85d9"
integrity sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==