v0.4.0

Summary

Rails 7.2 update, Ruby 3.4 update, drop user roles, and misc. package updates.

⚠️ Migration notes

User Roles

When updating the template in this version, if you wish to keep user role
support, revert the changes in these files:

• <APP_NAME>/db/migrate/20240410213056_create_user_roles.rb (deleted in
  this change)
• <APP_NAME>/db/schema.rb (user_tables removed)

What's Changed

• Update Rails to 7.2 and misc. non-major dependency updates by @renovate, @doshitan in #80
• Update Ruby language to v3.4.2 by @renovate, @doshitan in #79
• Update nokogiri, rack, and uri for security fixes by @dependabot in #76 and #82
• Remove user roles by @lorenyu in 5e2a120, #83
• Drop TargetRubyVersion from RuboCop config by @doshitan in 761d391

New Contributors

• @renovate made their first contribution in #75
• @lorenyu made their first contribution in #83

Full Changelog: v0.3.1...v0.4.0

v0.3.1

Summary

Fix local database setting oversight from v0.3.0, resolve various vulnerability
warnings (mostly by catching up on 6-12 months of package/language updates) and
better integrate with template-infra out of the box.

On that last point, this template now cleanly combines with template-infra
v0.15.3.

What's Changed

• Fix local development database name setting by @doshitan in 881cc71
• Tweak CSS for forms by @LeslieJAnderson in #60
• Support a read-only root container filesystem by @doshitan in #73
• Add various vulnerability scanning configs by @doshitan in #69
• Remove unnecessary things from production image
  • Drop aws-cli by @doshitan in #67
  • Drop curl by @doshitan in 22e8e11
• Package updates
  • Update Ruby dependencies by @doshitan in #65
  • Update Ruby version to 3.3.7 by @doshitan in #66
  • Bump net-imap from 0.5.5 to 0.5.6 by @dependabot in #72
  • Update Node.js packages by @doshitan in #68
  • Bump rack from 3.1.9 to 3.1.10 by @dependabot in #74
• Misc
  • Dockerfile: Consistent cleanup after apt-get and formatting by @doshitan in a765636

New Contributors

• @LeslieJAnderson made their first contribution in #60
• @dependabot made their first contribution in #72

---

Full Changelog: v0.3.0...v0.3.1

v0.3.0

Summary

This release switches to using the Platform CLI tool for managing the template. This requires a manual migration step for users of previous version of the template that wish to update, for guidance see https://navapbc.github.io/platform-cli/getting-started/migrating-from-legacy-template/

What's Changed

• Support Platform CLI by @doshitan in #54
  • Notably, the Docker Compose files that were previously installed to the root of the project have been moved into the app directory and existing services renamed. The Docker Compose database settings have also changed, with the user and database name shifting from app_rails to app. This will likely require some further tweaks in your project.

Full Changelog: v0.2.1...v0.3.0

v0.2.1

What's Changed

• Don't ignore local.env.example by @rocketnova in #41
• Docker Console and Debugger by @SammySteiner in #31
• Fail CI on lint check by @SammySteiner in #46
• Doc update for regex multiline guidance by @SammySteiner in #45
• Honeypot fields and logic by @SammySteiner in #48
• Update healthcheck route SSL exclusion to specifically GET /health by @doshitan in #52

New Contributors

• @doshitan made their first contribution in #52

Full Changelog: v0.2.0...v0.2.1

v0.2.0

Release Notes

#28 was not included in any releases, but if you updated your project to main after installing v0.1.0, you will need to update to this release and then reset your database:

1. Change to your application directory
2. Run: make db-reset

What's Changed

• Bump ruby version to 3.3.1 by @ellery-nava in #21
• [Issue 16] Add Grype for vulnerability scanning by @SammySteiner in #22
• Update Rubocop settings by @ellery-nava in #27
• Add database migration to enable pgcrypto by @rocketnova in #28
  • ⚠️ This may cause issues with cloud deployment, such as with AWS. See release note above.
• Add wget to release image by @rocketnova in #30
• Update template-only-bin scripts by @rocketnova in #29
• Add warning to rename script by @rocketnova in #34
• [Issue #12] Security Audit by @SammySteiner in #26
• Prepare for integration with infra template by @rocketnova in #40
  • ⚠️ This PR reverted #28 above.

New Contributors

• @ellery-nava made their first contribution in #21
• @SammySteiner made their first contribution in #22

Full Changelog: v0.1.0...v0.2.0

v0.1.0

New features

This is the initial release of this template. These PRs cover the bulk of the functionality included in the initial release:

• Generate a new rails app #3
• Add template-only-bin scripts #6
• Customize rails application #2

#3 and #6 set the stage for all of the functionality added in #2, which customizes the default rails app boilerplate and adds opinionated changes to:

• Code quality
  • rspec for testing
  • rubocop for linting
  • optimized docker build pipeline
• Developer experience
  • consistent and reproducible dev workflows using a Makefile
  • a developer sandbox page to test frontend changes
  • database migration introspection
  • mock production that can be run locally
  • per-environment database seeding
• Frontend configuration
  • sass stylesheets
  • USWDS, including custom form builder
  • breadcrumbs
  • flash
  • header
  • language toggle
  • sidebar layout
• External integrations with AWS
  • auth using Cognito
  • storage using S3
  • notifications using SES
  • database using RDS with Postgresql IAM Auth
• Auth
  • authn using devise
  • authz using pundit
  • user and user_role scaffolding
  • implemented flows:
    • create user
    • forgot password
    • update password
    • verify email
    • update email
    • add mfa using authenticator TOTP
    • remove mfa
• Internationalization
  • support for translated routes
  • locale directory structure
• Software architecture patterns
  • adapters pattern
  • services pattern
  • form objects pattern

New Contributors

• @rocketnova made their first contribution in 798a545

Full Changelog: initial commit...v0.1.0