forked from indie/mastodon
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path023_upgnotes
96 lines (67 loc) · 3.59 KB
/
023_upgnotes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
Please be aware that Encryptor v2.0.0 had a major security bug when using AES-*-GCM algorithms.
By default You will not be able to decrypt data that was previously encrypted using an AES-*-GCM algorithm.
Please see the README and https://github.com/attr-encrypted/encryptor/pull/22 for more information.
Post-install message from attr_encrypted:
WARNING: Using `#encrypted_attributes` is no longer supported. Instead, use `#attr_encrypted_encrypted_attributes` to avoid
collision with Active Record 7 native encryption.
Post-install message from devise:
[DEVISE] Please review the [changelog] and [upgrade guide] for more info on Hotwire / Turbo integration.
[changelog] https://github.com/heartcombo/devise/blob/main/CHANGELOG.md
[upgrade guide] https://github.com/heartcombo/devise/wiki/How-To:-Upgrade-to-Devise-4.9.0-%5BHotwire-Turbo-integration%5D
Post-install message from doorkeeper:
Starting from 5.5.0 RC1 Doorkeeper requires client authentication for Resource Owner Password Grant
as stated in the OAuth RFC. You have to create a new OAuth client (Doorkeeper::Application) if you didn't
have it before and use client credentials in HTTP Basic auth if you previously used this grant flow without
client authentication.
To opt out of this you could set the "skip_client_authentication_for_password_grant" configuration option
to "true", but note that this is in violation of the OAuth spec and represents a security risk.
Read https://github.com/doorkeeper-gem/doorkeeper/issues/561#issuecomment-612857163 for more details.
Post-install message from paperclip:
##################################################
# NOTE FOR UPGRADING FROM 4.3.0 OR EARLIER #
##################################################
Paperclip is now compatible with aws-sdk-s3.
If you are using S3 storage, aws-sdk-s3 requires you to make a few small
changes:
* You must set the `s3_region`
* If you are explicitly setting permissions anywhere, such as in an initializer,
note that the format of the permissions changed from using an underscore to
using a hyphen. For example, `:public_read` needs to be changed to
`public-read`.
For a walkthrough of upgrading from 4 to *5* (not 6) and aws-sdk >= 2.0 you can watch
http://rubythursday.com/episodes/ruby-snack-27-upgrade-paperclip-and-aws-sdk-in-prep-for-rails-5
Post-install message from rubyzip:
RubyZip 3.0 is coming!
**********************
The public API of some Rubyzip classes has been modernized to use named
parameters for optional arguments. Please check your usage of the
following classes:
* `Zip::File`
* `Zip::Entry`
* `Zip::InputStream`
* `Zip::OutputStream`
Please ensure that your Gemfiles and .gemspecs are suitably restrictive
to avoid an unexpected breakage when 3.0 is released (e.g. ~> 2.3.0).
See https://github.com/rubyzip/rubyzip for details. The Changelog also
lists other enhancements and bugfixes that have been implemented since
version 2.3.0.
Post-install message from sidekiq-unique-jobs:
IMPORTANT!
Automatic configuration of the sidekiq middleware is no longer done.
Please see: https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/README.md#add-the-middleware
This version deprecated the following sidekiq_options
- sidekiq_options lock_args: :method_name
It is now configured with:
- sidekiq_options lock_args_method: :method_name
This is also true for `Sidekiq.default_worker_options`
We also deprecated the global configuration options:
- default_lock_ttl
- default_lock_ttl=
- default_lock_timeout
- default_lock_timeout=
The new methods to use are:
- lock_ttl
- lock_ttl=
- lock_timeout
- lock_timeout=
mastodon@bluepulsar