Rails 3 to Rails 7 Upgrade Plan (Revised)

Feb 22, 2026 · 2.4 KB · 2 min read · by Sarah Blake

Comparing v1 → v1

+0 additions -0 deletions

        v1
      

        v1
      
 # Rails 3 to Rails 7 Upgrade Plan
 # Rails 3 to Rails 7 Upgrade Plan
  
  
 ## Background
 ## Background
  
  
 Client has a Rails 3.2.22 application running in production since 2013. The app serves approximately 40 users in a regional insurance office. It runs on a single Heroku dyno. Nobody has touched it since Gary left in 2017.
 Client has a Rails 3.2.22 application running in production since 2013. The app serves approximately 40 users in a regional insurance office. It runs on a single Heroku dyno. Nobody has touched it since Gary left in 2017.
  
  
 Gary did not leave documentation.
 Gary did not leave documentation.
  
  
 ## Current State
 ## Current State
  
  
 - Ruby 1.9.3 (EOL: February 2015)
 - Ruby 1.9.3 (EOL: February 2015)
 - Rails 3.2.22 (EOL: June 2016)
 - Rails 3.2.22 (EOL: June 2016)
 - 847 gems in Gemfile.lock, 211 of which no longer exist on RubyGems
 - 847 gems in Gemfile.lock, 211 of which no longer exist on RubyGems
 - Asset pipeline uses Sprockets with CoffeeScript and Sass
 - Asset pipeline uses Sprockets with CoffeeScript and Sass
 - Tests: 3. One passes. One is pending. One tests a feature that was removed in 2015.
 - Tests: 3. One passes. One is pending. One tests a feature that was removed in 2015.
 - Deployment: `git push heroku master` with no CI
 - Deployment: `git push heroku master` with no CI
 - Database: PostgreSQL 9.2 (EOL: November 2017)
 - Database: PostgreSQL 9.2 (EOL: November 2017)
 - The app stores passwords in MD5. Gary thought this was fine.
 - The app stores passwords in MD5. Gary thought this was fine.
  
  
 ## Proposed Approach
 ## Proposed Approach
  
  
 ### Option A: Incremental Upgrade
 ### Option A: Incremental Upgrade
  
  
 Upgrade one major version at a time: 3→4→5→6→7. Each step requires updating gems, fixing deprecations, running tests (the one that passes), and deploying.
 Upgrade one major version at a time: 3→4→5→6→7. Each step requires updating gems, fixing deprecations, running tests (the one that passes), and deploying.
  
  
 **Estimated time:** 6-8 weeks
 **Estimated time:** 6-8 weeks
 **Risk:** High. Many gems have no upgrade path. Some gem authors have moved on to goat farming.
 **Risk:** High. Many gems have no upgrade path. Some gem authors have moved on to goat farming.
  
  
 ### Option B: Rewrite
 ### Option B: Rewrite
  
  
 Start fresh with Rails 7. Replicate existing functionality. Migrate the database.
 Start fresh with Rails 7. Replicate existing functionality. Migrate the database.
  
  
 **Estimated time:** 4-6 weeks
 **Estimated time:** 4-6 weeks
 **Risk:** Medium. We know what the app does. Mostly. The parts we don't understand are probably important.
 **Risk:** Medium. We know what the app does. Mostly. The parts we don't understand are probably important.
  
  
 ### Option C: Leave It Alone
 ### Option C: Leave It Alone
  
  
 The app works. Nobody is complaining except the security auditors. The security auditors are always complaining.
 The app works. Nobody is complaining except the security auditors. The security auditors are always complaining.
  
  
 **Estimated time:** 0 weeks
 **Estimated time:** 0 weeks
 **Risk:** The security auditors will not stop. They will never stop.
 **Risk:** The security auditors will not stop. They will never stop.
  
  
 ## Recommendation
 ## Recommendation
  
  
 Option B (Rewrite). The codebase has too much technical debt for an incremental approach. The CoffeeScript alone would take two weeks to untangle, and nobody on the team knows CoffeeScript. We hired someone who said they knew CoffeeScript but it turned out they were thinking of TypeScript.
 Option B (Rewrite). The codebase has too much technical debt for an incremental approach. The CoffeeScript alone would take two weeks to untangle, and nobody on the team knows CoffeeScript. We hired someone who said they knew CoffeeScript but it turned out they were thinking of TypeScript.
  
  
 ## Open Questions
 ## Open Questions
  
  
 - What does the `MysteryWorker` background job do? It runs every night at 3 AM and writes to a table called `legacy_sync`. The table has 3.2 million rows. Nobody knows what it syncs or where it syncs to.
 - What does the `MysteryWorker` background job do? It runs every night at 3 AM and writes to a table called `legacy_sync`. The table has 3.2 million rows. Nobody knows what it syncs or where it syncs to.
 - Is the SMTP server at 10.0.0.47 still running? The app sends emails to it. We cannot find this server. The IP doesn't respond to pings. The emails appear to be delivered anyway.
 - Is the SMTP server at 10.0.0.47 still running? The app sends emails to it. We cannot find this server. The IP doesn't respond to pings. The emails appear to be delivered anyway.
 - Why does the User model have a `is_gary` boolean column?
 - Why does the User model have a `is_gary` boolean column?
  
  
 See also: [gem audit](gem-audit.md) for the full dependency analysis.
 See also: [gem audit](gem-audit.md) for the full dependency analysis.
  
  

        v1 → v1
      
 # Rails 3 to Rails 7 Upgrade Plan
  
 ## Background
  
 Client has a Rails 3.2.22 application running in production since 2013. The app serves approximately 40 users in a regional insurance office. It runs on a single Heroku dyno. Nobody has touched it since Gary left in 2017.
  
 Gary did not leave documentation.
  
 ## Current State
  
 - Ruby 1.9.3 (EOL: February 2015)
 - Rails 3.2.22 (EOL: June 2016)
 - 847 gems in Gemfile.lock, 211 of which no longer exist on RubyGems
 - Asset pipeline uses Sprockets with CoffeeScript and Sass
 - Tests: 3. One passes. One is pending. One tests a feature that was removed in 2015.
 - Deployment: `git push heroku master` with no CI
 - Database: PostgreSQL 9.2 (EOL: November 2017)
 - The app stores passwords in MD5. Gary thought this was fine.
  
 ## Proposed Approach
  
 ### Option A: Incremental Upgrade
  
 Upgrade one major version at a time: 3→4→5→6→7. Each step requires updating gems, fixing deprecations, running tests (the one that passes), and deploying.
  
 **Estimated time:** 6-8 weeks
 **Risk:** High. Many gems have no upgrade path. Some gem authors have moved on to goat farming.
  
 ### Option B: Rewrite
  
 Start fresh with Rails 7. Replicate existing functionality. Migrate the database.
  
 **Estimated time:** 4-6 weeks
 **Risk:** Medium. We know what the app does. Mostly. The parts we don't understand are probably important.
  
 ### Option C: Leave It Alone
  
 The app works. Nobody is complaining except the security auditors. The security auditors are always complaining.
  
 **Estimated time:** 0 weeks
 **Risk:** The security auditors will not stop. They will never stop.
  
 ## Recommendation
  
 Option B (Rewrite). The codebase has too much technical debt for an incremental approach. The CoffeeScript alone would take two weeks to untangle, and nobody on the team knows CoffeeScript. We hired someone who said they knew CoffeeScript but it turned out they were thinking of TypeScript.
  
 ## Open Questions
  
 - What does the `MysteryWorker` background job do? It runs every night at 3 AM and writes to a table called `legacy_sync`. The table has 3.2 million rows. Nobody knows what it syncs or where it syncs to.
 - Is the SMTP server at 10.0.0.47 still running? The app sends emails to it. We cannot find this server. The IP doesn't respond to pings. The emails appear to be delivered anyway.
 - Why does the User model have a `is_gary` boolean column?
  
 See also: [gem audit](gem-audit.md) for the full dependency analysis.
  