c8d26bb647
* Make sure active record encryption configuration happens after initializers have run Co-authored-by: Cadu Ribeiro <mail@cadu.dev> * Add a new option to support previous data encrypted non-deterministically with a hash digest of SHA1 There is currently a problem with Active Record encryption for users updating from 7.0 to 7.1 Before #44873, data encrypted with non-deterministic encryption was always using SHA-1. The reason is that `ActiveSupport::KeyGenerator.hash_digest_class` is set in an after_initialize block in the railtie config, but encryption config was running before that, so it was effectively using the previous default SHA1. That means that existing users are using SHA256 for non deterministic encryption, and SHA1 for deterministic encryption. This adds a new option `use_sha1_digest_for_non_deterministic_data` that users can enable to support for SHA1 and SHA256 when decrypting existing data. * Set a default value of true for `support_sha1_for_non_deterministic_encryption` and proper initializer values. We want to enable the flag existing versions (< 7.1), and we want it to be false moving by default moving forward. * Make sure the system to auto-filter params supports different initialization orders This reworks the system to auto-filter params so that it works when encrypted attributes are declared before the encryption configuration logic runs. Co-authored-by: Cadu Ribeiro <mail@cadu.dev> --------- Co-authored-by: Cadu Ribeiro <mail@cadu.dev> |
||
---|---|---|
.. | ||
bin | ||
exe | ||
lib | ||
test | ||
.gitignore | ||
CHANGELOG.md | ||
MIT-LICENSE | ||
railties.gemspec | ||
Rakefile | ||
RDOC_MAIN.md | ||
README.rdoc |
= Railties -- Gluing the Engine to the \Rails Railties is responsible for gluing all frameworks together. Overall, it: * handles the bootstrapping process for a \Rails application; * manages the +rails+ command line interface; * and provides the \Rails generators core. == Download The latest version of Railties can be installed with RubyGems: * gem install railties Source code can be downloaded as part of the \Rails project on GitHub * https://github.com/rails/rails/tree/main/railties == License Railties is released under the MIT license: * https://opensource.org/licenses/MIT == Support API documentation is at * https://api.rubyonrails.org Bug reports can be filed for the Ruby on \Rails project here: * https://github.com/rails/rails/issues Feature requests should be discussed on the rails-core mailing list here: * https://discuss.rubyonrails.org/c/rubyonrails-core