Omniauth warning in production

Open jmilljr24 opened this issue 10 months ago • 1 comments

Is this something that needs to be addressed soon?

Dev's with production ssh access run kamal app logs to view. Should this be silenced?

Side note: This is printing to STDOUT vs the rest of our logs are set to production.log. I'm not sure I would have noticed it in production.log but I believe we could set it to output there if it's preferred to keep everything in one place.

Feb 12 '25 18:02 jmilljr24

I've seen this issue before and imo it isn't an urgent thing that needs to be addressed. Not many malicious actors looking to take down a non profit app. It shouldn't be too hard to fix by switching the GETs to POSTs in configuration in Omniauth (based on my memory)

May 03 '25 22:05 edwinthinks