Move active storage to shared dir for production deploys

uclibs / treatment_database

Application to track conservation workflow for Preservation Services

1 stars 2 forks source link

Move active storage to shared dir for production deploys #503

Closed crowesn closed 4 months ago

crowesn commented 4 months ago

Resolves #502

Set Capistrano shared directory for active storage in production mode.
Update nokogiri to resolve CVE
Update rexml to resolve CVE

crowesn commented 4 months ago

@Janell-Huyck I think this should do it.

Janell-Huyck commented 4 months ago

Changes to Gemfile.lock aren't durable. I have addressed these two security concerns in PR https://github.com/uclibs/treatment_database/pull/497. It involved updating to Ruby 3.3.1 and running a bundle update. REXML was a dependency we couldn't update directly, and nokogiri needed to be updated in the gemfile.

The changes related to the issue of the active storage look good. Thanks for tracking that down.