Robert Fletcher

Results 145 comments of Robert Fletcher

> Do you think
>
> > The sequence of ids is not guaranteed to be in any particular order, despite often (incidentally) being chronological
>
> is incorrect?

@pirj...

It would be great to have schema support. When running `rails db:reset` in dev mode it loads the schema into the database. If constraints are not in `schema.rb` they will...

@mvz the version control problems we saw weren't related to the migration numbers. It also outputs a bunch of settings at the top of the file, and those kept changing...

> It's manageable: use the same dbms version, docker, and/or have the person reviewing PRs re-migrate and commit a canonical version before merging.

In other words, it's manageable by adding...

I don't think global ids should interfere with uniqueness, since they're just a string. They get serialized in the arguments as something like:

```rb
{"_aj_globalid"=>"gid://my_app/User/13987607"}
```

@tdreyno I see, do you know when 5.x will be released?

I am not an expert, but based on my reading it looks like if you're using `force_ssl` then [cookies will be secure against session hijacking as well](https://edgeguides.rubyonrails.org/security.html#session-hijacking).

You can add timestamps to cookie-based sessions as well. They're tamper-proof unless your application key has been compromised. The important thing is not to trust the browser-based...

@nflorentin I am going to preface this by saying **I am not a security expert** so all of this is to the best of my understanding. Regarding the issue you...

@nflorentin it's important to remember that `curl` is not your browser. Yes, if you have a copy of an old cookie you can re-use it. However, to my knowledge, browsers...