Deprecation - Rails.application.secrets #5644
Comments
|
Issue is caused by Is there any reason why we need SecretKeyFinder any more? I assume it was required to cover various rails version, but now devise dropped support for rails < 6.0, so there's always |
|
Hello, I wanted to report that I am facing a similar issue with the deprecation warning related to My environment details:
I would appreciate any assistance or recommendations on how to resolve this issue. Kind regards, |
|
For those looking for an immediate fix, it is possible to monkey_patch around the issue. Add the following in your initializers/devise.rb: |
|
No monkey patching needed, you can just configure Devise's secret_key in your setup: Devise.setup do |config|
config.secret_key = ENV['SECRET_KEY_BASE'] # or whatever is your preferred method
endDevise will only want to use the SecretKeyFinder if it isn't already configured. |
|
Thanks @ckraybill, that's nice! It looks like you can also do this to keep it DRY where you are specifying the secret key base, whether it's ENV or elsewhere: Devise.setup do |config|
config.secret_key = Rails.application.secret_key_base
end |
jrochkind
added a commit
to sciencehistory/scihist_digicoll
that referenced
this issue
Nov 21, 2023
…on warning when it tries deprecated places. heartcombo/devise#5644
tvararu
added a commit
to nhsuk/manage-vaccinations-in-schools
that referenced
this issue
Nov 24, 2023
It's coming from Devise and can be removed by specifying the secret_key_base explicitly: heartcombo/devise#5644
tvararu
added a commit
to nhsuk/manage-vaccinations-in-schools
that referenced
this issue
Nov 24, 2023
It's coming from Devise and can be removed by specifying the secret_key_base explicitly: heartcombo/devise#5644
tvararu
added a commit
to nhsuk/manage-vaccinations-in-schools
that referenced
this issue
Nov 24, 2023
It's coming from Devise and can be removed by specifying the secret_key_base explicitly: heartcombo/devise#5644
scruti
added a commit
to DFE-Digital/teaching-vacancies
that referenced
this issue
Nov 30, 2023
By default Devise uses its internal SecretKeyFinder library to look up for the "secret_key_base" value. Looking for the secrets is deprecated, and raises warnings as metioned in this issue: heartcombo/devise#5644 The solution is to configure Devise to directly take the secret_key_base from the Rails application config.
tvararu
added a commit
to design-history/design-history
that referenced
this issue
Dec 13, 2023
tvararu
added a commit
to design-history/design-history
that referenced
this issue
Dec 13, 2023
gravitystorm
added a commit
to gravitystorm/openstreetmap-website
that referenced
this issue
Dec 13, 2023
JunichiIto
added a commit
to JunichiIto/everydayrails-rspec-jp-2024
that referenced
this issue
Jan 1, 2024
This was referenced Jan 1, 2024
jcoyne
added a commit
to sul-dlss/SearchWorks
that referenced
this issue
Jan 31, 2024
To prevent a deprecation warning from devise. We override this value in deployed environments. See heartcombo/devise#5644
gravitystorm
added a commit
to gravitystorm/openstreetmap-website
that referenced
this issue
Jan 31, 2024
gravitystorm
added a commit
to gravitystorm/openstreetmap-website
that referenced
this issue
Feb 7, 2024
gravitystorm
added a commit
to gravitystorm/openstreetmap-website
that referenced
this issue
Feb 14, 2024
ybakos
added a commit
to OregonStateUniversity/ltpbr-explorer
that referenced
this issue
Mar 25, 2024
Rails is producing a deprecation warning when running tests because Devise is reaching for secrets instead of credentials. Explicitly set the devise secret key to prevent it from searching in Rails.application.secrets. See heartcombo/devise#5644 References #294
Splines
added a commit
to MaMpf-HD/mampf
that referenced
this issue
Apr 24, 2024
Splines
added a commit
to MaMpf-HD/mampf
that referenced
this issue
Apr 26, 2024
* Upgrade Rails to v7.1 and run `bundle update` See the upgrade guide here: https://edgeguides.rubyonrails.org/upgrading_ruby_on_rails.html * Use older version of `html-parser` for `thredded` See thredded/thredded#979 * Use new `config.autoload_lib` in Rails 7.1 See https://edgeguides.rubyonrails.org/upgrading_ruby_on_rails.html#config-autoload-lib-and-config-autoload-lib-once Eager loading is on by default for production. * Remove unused app environment variables usage The file `config/app_environment_variables.rb` does not exist in our codebase anymore. * Run `bin/rails app:update` to update configurations * Add new framework defaults for Rails 7.1 file * Update `listen` gem version This was done because `bin/rails app:update` failed with: ** Execute app:update:active_storage rails active_storage:update bin/rails aborted! Gem::LoadError: can't activate listen (~> 3.5), already activated listen-3.0.8. Make sure all dependencies are added to Gemfile. * Add TODO note for upcoming serialize change * Reduce new framework defaults list * Add migrations introduced by rails update task * Remove unneeded ActiveStorage migrations * Remove defaults for sha-256 as we are unaffected * Use new Rails 7.1 defaults * Fix TODO rubocop warning * Update bundler version to 2.5.9 You can do so locally via `bundle update --bundler` * Remove unnecessary entries in `Gemfile.lock` Performed automatically via `bundle install`. * Address `Passing the coder as positional arg` deprecation This is a followup to rails/rails#47463 * add yaml coder explicitly for serializing arrays * Migrate from globalize to mobility due to serialization warnings * Update gem lockfile to include `mobility` `bundle install` also removed globalize automatically for us. * Add `I18nLocaleAccessors` as replacement for `globalize_attribute_names` * Remove obsolete comment regarding `globalize` * Fix Rails `secrets` deprecation warning (Devise) This is due to heartcombo/devise#5644. * Use `install_folder` in cypress on rails `cypress_folder` is deprecated as config option --------- Co-authored-by: fosterfarrell9 <28628554+fosterfarrell9@users.noreply.github.com>
goulvench
added a commit
to betagouv/collectif-objets
that referenced
this issue
Apr 29, 2024
goulvench
added a commit
to betagouv/collectif-objets
that referenced
this issue
Apr 29, 2024
heartcombo/devise#5644 On supprime le secret généré par Devise dans du code commenté parce que GitGuardian s'en offusque.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Environment
Current behavior
Starting an application yields deprecation warning on Rails.application.secrets
Expected behavior
No deprecation warning
The text was updated successfully, but these errors were encountered: