sfirke commented on code in PR #27921: URL: https://github.com/apache/superset/pull/27921#discussion_r1553601854
########## docs/docs/installation/configuring-superset.mdx: ########## @@ -99,6 +99,10 @@ SECRET_KEY = 'YOUR_OWN_RANDOM_GENERATED_SECRET_KEY' You can generate a strong secure key with `openssl rand -base64 42`. +> Your secret key will be used for securely signing session cookies Review Comment: ```suggestion :::caution Your secret key will be used for securely signing session cookies ``` ########## docs/docs/installation/configuring-superset.mdx: ########## @@ -99,6 +99,10 @@ SECRET_KEY = 'YOUR_OWN_RANDOM_GENERATED_SECRET_KEY' You can generate a strong secure key with `openssl rand -base64 42`. +> Your secret key will be used for securely signing session cookies + and encrypting sensitive information on the database Review Comment: ```suggestion and encrypting sensitive information stored in Superset's application metadata database. ``` ########## docs/docs/installation/configuring-superset.mdx: ########## @@ -99,6 +99,10 @@ SECRET_KEY = 'YOUR_OWN_RANDOM_GENERATED_SECRET_KEY' You can generate a strong secure key with `openssl rand -base64 42`. +> Your secret key will be used for securely signing session cookies + and encrypting sensitive information on the database + Make sure you are changing this key for your deployment with a strong key. Review Comment: ```suggestion Ensure your deployment uses a strong, unique key. Store this key securely. Without this key, you will be unable to access your Superset metadata database. That is, you will lose all of your Superset dashboards, charts, etc. ::: ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
