1 files changed, 53 insertions, 3 deletions

diff --git a/railties/CHANGELOG.md b/railties/CHANGELOG.md
index 3813ef7909..a83c2b2355 100644
--- a/railties/CHANGELOG.md
+++ b/railties/CHANGELOG.md
@@ -1,15 +1,65 @@
+*   Configure `secrets.yml` and `database.yml` to read configuration
+    from the system environment by default for production.
+
+    *José Valim*
+
+*   `config.assets.raise_runtime_errors` is set to true by default
+
+    This option has been introduced in
+    [sprockets-rails#100][https://github.com/rails/sprockets-rails/pull/100]
+    and defaults to true in new applications in development.
+
+    *Richard Schneeman*
+
+*   Generates `html` and `text` templates for mailers by default.
+
+    *Kassio Borges*
+
+*   Move `secret_key_base` from `config/initializers/secret_token.rb`
+    to `config/secrets.yml`.
+
+    `secret_key_base` is now saved in `Rails.application.secrets.secret_key_base`
+    and it fallbacks to the value of `config.secret_key_base` when it is not
+    present in `config/secrets.yml`.
+
+    `config/initializers/secret_token.rb` is not generated by default
+    in new applications.
+
+    *Guillermo Iguaran*
+
+*   Generate a new `secrets.yml` file in the `config` folder for new
+    applications. By default, this file contains the application's `secret_key_base`,
+    but it could also be used to store other secrets such as access keys for external
+    APIs.
+
+    The secrets added to this file will be accessible via `Rails.application.secrets`.
+    For example, with the following `secrets.yml`:
+
+        development:
+          secret_key_base: 3b7cd727ee24e8444053437c36cc66c3
+          some_api_key: SOMEKEY
+
+    `Rails.application.secrets.some_api_key` will return `SOMEKEY` in the development
+    environment.
+
+    *Guillermo Iguaran*
+
+*   Add `ENV['DATABASE_URL']` support in `rails dbconsole`. Fixes #13320.
+
+    *Huiming Teo*
+
 *   Add `Application#message_verifier` method to return a message verifier.
 
     This verifier can be used to generate and verify signed messages in the application.
 
-        message = Rails.application.message_verifier('salt').generate('my sensible data')
-        Rails.application.message_verifier('salt').verify(message)
+        message = Rails.application.message_verifier(:sensitive_data).generate('my sensible data')
+        Rails.application.message_verifier(:sensitive_data).verify(message)
         # => 'my sensible data'
 
     It is recommended not to use the same verifier for different things, so you can get different
     verifiers passing the name argument.
 
-        message = Rails.application.message_verifier('cookies').generate('my sensible cookie data')
+        message = Rails.application.message_verifier(:cookies).generate('my sensible cookie data')
 
     See the `ActiveSupport::MessageVerifier` documentation for more information.