From 8de692580725b1d2230c1a8c253eea9968cdfd6d Mon Sep 17 00:00:00 2001
From: evazion <noizave@gmail.com>
Date: Mon, 23 Sep 2019 13:52:21 -0500
Subject: [PATCH] Fix raw sql deprecation warning in tag autocomplete.

    DEPRECATION WARNING: Dangerous query method (method whose arguments
    are used as raw SQL) called with non-attribute argument(s): "trunc(3
    * similarity(name, 'two')) DESC". Non-attribute arguments will be
    disallowed in Rails 6.1. This method should not be called with
    user-provided values, such as request parameters or model
    attributes. Known-safe values can be passed by wrapping them in
    Arel.sql(). (called from order_similarity at
    /home/admin/src/danbooru/app/models/tag.rb:817)
---
 app/models/tag.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/models/tag.rb b/app/models/tag.rb
index eaeb1fe79..bbe47aea9 100644
--- a/app/models/tag.rb
+++ b/app/models/tag.rb
@@ -814,7 +814,7 @@ class Tag < ApplicationRecord
     def order_similarity(name)
       # trunc(3 * sim) reduces the similarity score from a range of 0.0 -> 1.0 to just 0, 1, or 2.
       # This groups tags first by approximate similarity, then by largest tags within groups of similar tags.
-      order("trunc(3 * similarity(name, #{connection.quote(name)})) DESC", "post_count DESC", "name DESC")
+      order(Arel.sql("trunc(3 * similarity(name, #{connection.quote(name)})) DESC", "post_count DESC", "name DESC"))
     end
 
     # ref: https://www.postgresql.org/docs/current/static/pgtrgm.html#idm46428634524336