It was brought to my attention that the Rails guide suggests using filenames to ensure code load order, so I thought I would suggest a better alternative.

Passing the environment's name as a regular argument is deprecated
in 48b24992.

It's become clear to me that the use case is still a bit muddy
and the upgrade path is going to be tough for people to figure
out.

This attempts at understanding it better through documentation,
but still needs follow up work.

[ Michael Coyne & Kasper Timm Hansen ]

Using the action_dispatch.cookies_rotations interface, key rotation is
now possible with cookies. Thus the secret_key_base as well as salts,
ciphers, and digests, can be rotated without expiring sessions.

Removes most mentions of secrets.secret_key_base and explains
credentials instead.

Also removes some very stale upgrade notices about Rails 3/4.

Should _probably_ be done across the board with all of our
documentation, but going to leave that for another time :)

[ci skip]

[ci skip]

Abstract boolean serialization has been using 't' and 'f', with MySQL
overriding that to use 1 and 0.

This has the advantage that SQLite natively recognizes 1 and 0 as true
and false, but does not natively recognize 't' and 'f'.

This change in serialization requires a migration of stored boolean data
for SQLite databases, so it's implemented behind a configuration flag
whose default false value is deprecated. The flag itself can be
deprecated in a future version of Rails.  While loaded models will give
the correct result for boolean columns without migrating old data,
where() clauses will interact incorrectly with old data.

While working in this area, also change the abstract adapter to use
`"TRUE"` and `"FALSE"` as quoted values and `true` and `false` for
unquoted.  These are supported by PostreSQL, and MySQL remains
overriden.

Rather than protecting from forgery in the generated
ApplicationController, add it to ActionController::Base by config. This
configuration defaults to false to support older versions which have
removed it from their ApplicationController, but is set to true for
Rails 5.2.

Remove references to deprecared raise_runtime_errors from documentation, which is always enabled now. Ref: https://github.com/rails/sprockets-rails/commit/655b93bffc6f51b96a7cc097f9010942693bfaae and https://github.com/rails/rails/pull/24070 . Fixes #29483 [ci skip] (#29484)

ActionDispatch::Callbacks.to_prepare was removed in #27587
[ci skip]

This commit changes encrypted cookies from AES in CBC HMAC mode to
Authenticated Encryption using AES-GCM. It also provides a cookie jar
to transparently upgrade encrypted cookies to this new scheme. Some
other notable changes include:

- There is a new application configuration value:
  +use_authenticated_cookie_encryption+. When enabled, AEAD encrypted
  cookies will be used.

- +cookies.signed+ does not raise a +TypeError+ now if the name of an
  encrypted cookie is used. Encrypted cookies using the same key as
  signed cookies would be verified and serialization would then fail
  due the message still be encrypted.

[ci skip]

config.time_zone is no longer in included in config/application.rb.

See 28dcadc0.

The default digest class changed to SHA256 in sprockets 3.0.
Ref: https://github.com/sstephenson/sprockets/pull/647

This changed in c0466603

* Clarify the default behavior of log_formatter

Updates language to remove reference to production.rb and fix quoting

ActionDispatch::ParamsParser class was removed in favor of
ActionDispatch::Http::Parameters so it is better to move the error
constant to the new class.

When the initial evented monitor feature was written, the latest version of listen
was the 3.0.x series. Since then the listen project has moved on to the 3.1.x series.
This patch allows the use of the new versions.

The default `cache_store` has changed in 8f0e0b63 to use `file_store`.

Currently mongrel is not maintained.
And it couldn't be built with any Ruby versions that
supported by Rails.

It is reasonable to remove the word "mongrel" in order to avoid
confusion from newcomer.

[ci skip]

[ci skip]

This reverts commit 4973704b, reversing
changes made to 78edeb33.