In Rails 7, the the default digest class for the key generator changed from SHA1 to SHA256, but we're still on SHA1.
In order to finish the Rails 7 upgrade tasks (even though we're on 7.1 right now), we have to register a rotator for the encrypted messages we store, and then rotate them.
Need to test this heavily to ensure it actually works before shipping it, then we can bump the load_defaults from 6.1 to 7.0, and then move forward to Rails 7.2 in the future.
In Rails 7, the the default digest class for the key generator changed from SHA1 to SHA256, but we're still on SHA1.
In order to finish the Rails 7 upgrade tasks (even though we're on 7.1 right now), we have to register a rotator for the encrypted messages we store, and then rotate them.
Need to test this heavily to ensure it actually works before shipping it, then we can bump the load_defaults from 6.1 to 7.0, and then move forward to Rails 7.2 in the future.
https://guides.rubyonrails.org/v7.0/upgrading_ruby_on_rails.html#key-generator-digest-class-changing-to-use-sha256