what to do when collaborating and this error: DEPRECATION WARNING: You didn't set config.secret_key_base

Question

I read that you need to run

$ rake secret

And put that in config/initializers/secret_token.rb

However if this is an app that I just recently cloned to collaborate with someone else do they already have a secret key that everyone working on the project should use or should I just generate my own(will this cause problems if I push my code and they then pull it?) Not entirely sure what is the optimal thing to do as its my first time collaborating with others.

Answer 1

Actually the secured_token.rb should not be checked in to version control as it can be used to modify Cookies. You should absolutely generate your own and keep it to yourself. Make sure that your deployment process used a different one. I guess this will become easier (and better standardized) with the Rails 4.1 secrets.yml.