diff options
| author | Matilda Smeds <matildasmeds@users.noreply.github.com> | 2018-12-09 18:28:00 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-12-09 18:28:00 +0100 |
| commit | 317ad3a583fd3dbe06de8724c7fc1c6ded4cae8b (patch) | |
| tree | c7084e546cbc2f289ac8cf2057c1010b4dc7f880 /guides/source/security.md | |
| parent | a87c91cd3993d776dc987ac43b5f6c897baa3206 (diff) | |
| parent | bad1041b82df941d588ae2565f62424d88104933 (diff) | |
| download | rails-317ad3a583fd3dbe06de8724c7fc1c6ded4cae8b.tar.gz rails-317ad3a583fd3dbe06de8724c7fc1c6ded4cae8b.tar.bz2 rails-317ad3a583fd3dbe06de8724c7fc1c6ded4cae8b.zip | |
Merge branch 'master' into guides_session_guidelines_2
Diffstat (limited to 'guides/source/security.md')
| -rw-r--r-- | guides/source/security.md | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/guides/source/security.md b/guides/source/security.md index 01de952df1..a2fb4663cf 100644 --- a/guides/source/security.md +++ b/guides/source/security.md @@ -1193,10 +1193,15 @@ version: Rails.application.credentials.some_api_key! # => raises KeyError: :some_api_key is blank ``` + TIP: Learn more about credentials with `rails credentials:help`. WARNING: Keep your master key safe. Do not commit your master key. -WARNING: If your application's secrets have been exposed, strongly consider changing them. + +Dependency Management and CVEs +------------------------------ + +We don’t bump dependencies just to encourage use of new versions, including for security issues. This is because application owners need to manually update their gems regardless of our efforts. Use `bundle update --conservative gem_name` to safely update vulnerable dependencies. Additional Resources -------------------- |