-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deprecation - Rails.application.secrets #5644
Comments
Issue is caused by Is there any reason why we need SecretKeyFinder any more? I assume it was required to cover various rails version, but now devise dropped support for rails < 6.0, so there's always |
Hello, I wanted to report that I am facing a similar issue with the deprecation warning related to My environment details:
I would appreciate any assistance or recommendations on how to resolve this issue. Kind regards, |
For those looking for an immediate fix, it is possible to monkey_patch around the issue. Add the following in your initializers/devise.rb:
|
No monkey patching needed, you can just configure Devise's secret_key in your setup: Devise.setup do |config|
config.secret_key = ENV['SECRET_KEY_BASE'] # or whatever is your preferred method
end Devise will only want to use the SecretKeyFinder if it isn't already configured. |
Thanks @ckraybill, that's nice! It looks like you can also do this to keep it DRY where you are specifying the secret key base, whether it's ENV or elsewhere: Devise.setup do |config|
config.secret_key = Rails.application.secret_key_base
end |
…on warning when it tries deprecated places. heartcombo/devise#5644
It's coming from Devise and can be removed by specifying the secret_key_base explicitly: heartcombo/devise#5644
It's coming from Devise and can be removed by specifying the secret_key_base explicitly: heartcombo/devise#5644
It's coming from Devise and can be removed by specifying the secret_key_base explicitly: heartcombo/devise#5644
By default Devise uses its internal SecretKeyFinder library to look up for the "secret_key_base" value. Looking for the secrets is deprecated, and raises warnings as metioned in this issue: heartcombo/devise#5644 The solution is to configure Devise to directly take the secret_key_base from the Rails application config.
To prevent a deprecation warning from devise. We override this value in deployed environments. See heartcombo/devise#5644
Rails is producing a deprecation warning when running tests because Devise is reaching for secrets instead of credentials. Explicitly set the devise secret key to prevent it from searching in Rails.application.secrets. See heartcombo/devise#5644 References #294
* Upgrade Rails to v7.1 and run `bundle update` See the upgrade guide here: https://edgeguides.rubyonrails.org/upgrading_ruby_on_rails.html * Use older version of `html-parser` for `thredded` See thredded/thredded#979 * Use new `config.autoload_lib` in Rails 7.1 See https://edgeguides.rubyonrails.org/upgrading_ruby_on_rails.html#config-autoload-lib-and-config-autoload-lib-once Eager loading is on by default for production. * Remove unused app environment variables usage The file `config/app_environment_variables.rb` does not exist in our codebase anymore. * Run `bin/rails app:update` to update configurations * Add new framework defaults for Rails 7.1 file * Update `listen` gem version This was done because `bin/rails app:update` failed with: ** Execute app:update:active_storage rails active_storage:update bin/rails aborted! Gem::LoadError: can't activate listen (~> 3.5), already activated listen-3.0.8. Make sure all dependencies are added to Gemfile. * Add TODO note for upcoming serialize change * Reduce new framework defaults list * Add migrations introduced by rails update task * Remove unneeded ActiveStorage migrations * Remove defaults for sha-256 as we are unaffected * Use new Rails 7.1 defaults * Fix TODO rubocop warning * Update bundler version to 2.5.9 You can do so locally via `bundle update --bundler` * Remove unnecessary entries in `Gemfile.lock` Performed automatically via `bundle install`. * Address `Passing the coder as positional arg` deprecation This is a followup to rails/rails#47463 * add yaml coder explicitly for serializing arrays * Migrate from globalize to mobility due to serialization warnings * Update gem lockfile to include `mobility` `bundle install` also removed globalize automatically for us. * Add `I18nLocaleAccessors` as replacement for `globalize_attribute_names` * Remove obsolete comment regarding `globalize` * Fix Rails `secrets` deprecation warning (Devise) This is due to heartcombo/devise#5644. * Use `install_folder` in cypress on rails `cypress_folder` is deprecated as config option --------- Co-authored-by: fosterfarrell9 <28628554+fosterfarrell9@users.noreply.github.com>
heartcombo/devise#5644 On supprime le secret généré par Devise dans du code commenté parce que GitGuardian s'en offusque.
* Upgrade Rails to v7.1 and run `bundle update` See the upgrade guide here: https://edgeguides.rubyonrails.org/upgrading_ruby_on_rails.html * Use older version of `html-parser` for `thredded` See thredded/thredded#979 * Use new `config.autoload_lib` in Rails 7.1 See https://edgeguides.rubyonrails.org/upgrading_ruby_on_rails.html#config-autoload-lib-and-config-autoload-lib-once Eager loading is on by default for production. * Remove unused app environment variables usage The file `config/app_environment_variables.rb` does not exist in our codebase anymore. * Run `bin/rails app:update` to update configurations * Add new framework defaults for Rails 7.1 file * Update `listen` gem version This was done because `bin/rails app:update` failed with: ** Execute app:update:active_storage rails active_storage:update bin/rails aborted! Gem::LoadError: can't activate listen (~> 3.5), already activated listen-3.0.8. Make sure all dependencies are added to Gemfile. * Add TODO note for upcoming serialize change * Reduce new framework defaults list * Add migrations introduced by rails update task * Remove unneeded ActiveStorage migrations * Remove defaults for sha-256 as we are unaffected * Use new Rails 7.1 defaults * Fix TODO rubocop warning * Update bundler version to 2.5.9 You can do so locally via `bundle update --bundler` * Remove unnecessary entries in `Gemfile.lock` Performed automatically via `bundle install`. * Address `Passing the coder as positional arg` deprecation This is a followup to rails/rails#47463 * add yaml coder explicitly for serializing arrays * Migrate from globalize to mobility due to serialization warnings * Update gem lockfile to include `mobility` `bundle install` also removed globalize automatically for us. * Add `I18nLocaleAccessors` as replacement for `globalize_attribute_names` * Remove obsolete comment regarding `globalize` * Fix Rails `secrets` deprecation warning (Devise) This is due to heartcombo/devise#5644. * Use `install_folder` in cypress on rails `cypress_folder` is deprecated as config option * Init dummy Bootstrap nav pills * Group accordion items into nav pane * Style pillars & improve accessibility * Remove accordion wrappers & design lecture content pane * Center lectures header & improve vertical alignment * Add margin to bottom of lecture pane * Internationalize lectures navbar headers * Decaffeinate `lectures.coffee` via local CLI of decaffeinate see https://decaffeinate-project.org/ * Format `lectures.js` according to ESLint * Remove unnecessary use of Array.from * Use shorter variations of null checks * Remove unnecessary Coffeescript comment * Fix ESLint errors * Make better use of JS function syntax * Configure url hashes for bootstrap tabs Might also be known as "deep linking". * Simplify url hash update logic * Remove unused variable `s` * Use focus listener (not click listener) for accessibility * Implement many small UI improvements in lectures * Re-initialize masonry grid system for lecture content * Remove unnecessary spacing * Add confirmation dialog to delete forum * Add scrollbar to announcements list if too long * Redirect to correct page after creating a new announcement * Redirect to correct page after "Forum" actions * Redirect to correct page after "Comments" actions * Increase bottom margin of lecture pane * Check if errors are present to avoid nil error * Fix valid_annotations_status include check * Only load lectures_admin js related code when needed We also perform an early return if we no erdbeere examples are searched for, i.e. when the element is not yet visible on the page. * Use icons for save/cancel in assignments table * Fix structures cancel button (erdbeere) * Improve positioning of "structures" text * Get rid of unused debug message * Fix import of media for lectures not working * Remove TODO note * Delete unused tags/modal partial rendering * Stay on subpage upon save action * Fix broken browser navigation * Fix weird masonry grid system bug * Wait until tab content is shown before setting up grid system --------- Co-authored-by: fosterfarrell9 <28628554+fosterfarrell9@users.noreply.github.com>
Can be reverted once heartcombo/devise#5644 is resolved Was causing this warning: https://github.com/abtion/rails-template/actions/runs/9657664443/job/26637340275#step:10:11 > DEPRECATION WARNING: `Rails.application.secrets` is deprecated in favor of `Rails.application.credentials` and will be removed in Rails 7.2. (called from <top (required)> at /home/runner/work/rails-template/rails-template/config/environment.rb:7)
Can be reverted once heartcombo/devise#5644 is resolved Was causing this warning: https://github.com/abtion/rails-template/actions/runs/9657664443/job/26637340275#step:10:11 > DEPRECATION WARNING: `Rails.application.secrets` is deprecated in favor of `Rails.application.credentials` and will be removed in Rails 7.2. (called from <top (required)> at /home/runner/work/rails-template/rails-template/config/environment.rb:7)
DEPRECATION WARNING: `Rails.application.secrets` is deprecated in favor of `Rails.application.credentials` and will be removed in Rails 7.2. (called from <top (required)> at /home/slau/fat_free_crm/config/environment.rb:5) heartcombo/devise#5644
Environment
Current behavior
Starting an application yields deprecation warning on Rails.application.secrets
Expected behavior
No deprecation warning
The text was updated successfully, but these errors were encountered: