From d0334b8f017eb63b37359c738860046fb4daa710 Mon Sep 17 00:00:00 2001
From: John Hawthorn <john@hawthorn.email>
Date: Fri, 22 Mar 2019 17:53:55 -0700
Subject: Update comment for how secret key is calculated

This updates the comment to reflect how the secret key is generated
since 4c743587ad6a31908503ab317e37d70361d49e66

Fixes #35717
---
 railties/lib/rails/application.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/railties/lib/rails/application.rb b/railties/lib/rails/application.rb
index 6bc6c548d2..038284ebdd 100644
--- a/railties/lib/rails/application.rb
+++ b/railties/lib/rails/application.rb
@@ -409,7 +409,8 @@ module Rails
     # The secret_key_base is used as the input secret to the application's key generator, which in turn
     # is used to create all MessageVerifiers/MessageEncryptors, including the ones that sign and encrypt cookies.
     #
-    # In test and development, this is simply derived as a MD5 hash of the application's name.
+    # In development and test, this is randomly generated and stored in a
+    # temporary file in <tt>tmp/development_secret.txt</tt>.
     #
     # In all other environments, we look for it first in ENV["SECRET_KEY_BASE"],
     # then credentials.secret_key_base, and finally secrets.secret_key_base. For most applications,
-- 
cgit v1.2.3