application.rb in railties-7.0.5

- old
+ new
@@ -420,47 +420,42 @@
           ENV["SECRET_KEY_BASE"] || credentials.secret_key_base || secrets.secret_key_base
         )
       end
     end
 
-    # Decrypts the credentials hash as kept in +config/credentials.yml.enc+. This file is encrypted with
-    # the Rails master key, which is either taken from <tt>ENV["RAILS_MASTER_KEY"]</tt> or from loading
-    # +config/master.key+.
-    # If specific credentials file exists for current environment, it takes precedence, thus for +production+
-    # environment look first for +config/credentials/production.yml.enc+ with master key taken
-    # from <tt>ENV["RAILS_MASTER_KEY"]</tt> or from loading +config/credentials/production.key+.
-    # Default behavior can be overwritten by setting +config.credentials.content_path+ and +config.credentials.key_path+.
+    # Returns an ActiveSupport::EncryptedConfiguration instance for the
+    # credentials file specified by +config.credentials.content_path+.
+    #
+    # By default, +config.credentials.content_path+ will point to either
+    # <tt>config/credentials/#{environment}.yml.enc</tt> for the current
+    # environment (for example, +config/credentials/production.yml.enc+ for the
+    # +production+ environment), or +config/credentials.yml.enc+ if that file
+    # does not exist.
+    #
+    # The encryption key is taken from either <tt>ENV["RAILS_MASTER_KEY"]</tt>,
+    # or from the file specified by +config.credentials.key_path+. By default,
+    # +config.credentials.key_path+ will point to either
+    # <tt>config/credentials/#{environment}.key</tt> for the current
+    # environment, or +config/master.key+ if that file does not exist.
     def credentials
       @credentials ||= encrypted(config.credentials.content_path, key_path: config.credentials.key_path)
     end
 
-    # Shorthand to decrypt any encrypted configurations or files.
+    # Returns an ActiveSupport::EncryptedConfiguration instance for an encrypted
+    # file. By default, the encryption key is taken from either
+    # <tt>ENV["RAILS_MASTER_KEY"]</tt>, or from the +config/master.key+ file.
     #
-    # For any file added with <tt>rails encrypted:edit</tt> call +read+ to decrypt
-    # the file with the master key.
-    # The master key is either stored in +config/master.key+ or <tt>ENV["RAILS_MASTER_KEY"]</tt>.
+    #   my_config = Rails.application.encrypted("config/my_config.enc")
     #
-    #   Rails.application.encrypted("config/mystery_man.txt.enc").read
-    #   # => "We've met before, haven't we?"
+    #   my_config.read
+    #   # => "foo:\n  bar: 123\n"
     #
-    # It's also possible to interpret encrypted YAML files with +config+.
+    #   my_config.foo.bar
+    #   # => 123
     #
-    #   Rails.application.encrypted("config/credentials.yml.enc").config
-    #   # => { next_guys_line: "I don't think so. Where was it you think we met?" }
-    #
-    # Any top-level configs are also accessible directly on the return value:
-    #
-    #   Rails.application.encrypted("config/credentials.yml.enc").next_guys_line
-    #   # => "I don't think so. Where was it you think we met?"
-    #
-    # The files or configs can also be encrypted with a custom key. To decrypt with
-    # a key in the +ENV+, use:
-    #
-    #   Rails.application.encrypted("config/special_tokens.yml.enc", env_key: "SPECIAL_TOKENS")
-    #
-    # Or to decrypt with a file, that should be version control ignored, relative to +Rails.root+:
-    #
-    #   Rails.application.encrypted("config/special_tokens.yml.enc", key_path: "config/special_tokens.key")
+    # Encrypted files can be edited with the <tt>bin/rails encrypted:edit</tt>
+    # command. (See the output of <tt>bin/rails encrypted:edit --help</tt> for
+    # more information.)
     def encrypted(path, key_path: "config/master.key", env_key: "RAILS_MASTER_KEY")
       ActiveSupport::EncryptedConfiguration.new(
         config_path: Rails.root.join(path),
         key_path: Rails.root.join(key_path),
         env_key: env_key,