c2901eb084
The [deprecated secrets removal][1] ended up removing a bit of non-deprecated functionality related to config.secret_key_base: - the original implementation prioritized the value of config.secret_key_base over other sources in all environments - if unset, the value of config.secret_key_base would be updated to whichever fallback value was found The new implementation only sets config.secret_key_base to a fallback value when Rails.env.local?, and never considers it at all in production. This commit aims to restore this missing functionality as well as simplify the implementation: - Rails.application.secret_key_base now always delegates to config.secret_key_base (like the pre-secret-removal implementation) - secret_key_base validation was moved from the reader to the writer - config.secret_key_base now handles setting itself to a fallback value when unset - In addition, generate_local_secret was simplified because it previously did 3 things: file manipulation, setting config.secret_key_base, and returning a value. Now it only creates the file if necessary and returns the value stored in it The new implementation has an additional benefit, which is that manually set config.secret_key_base values are now validated, whereas previously only fallback values were validated. [1]: 0c76f17f2dbf0d7ad90c890e6f334743cacce41f Co-authored-by: Petrik <petrik@deheus.net> |
||
---|---|---|
.. | ||
minitest | ||
rails | ||
rails.rb |