At my company, we’ve rolled out our own KeyGenerator to use a specific digest class and a different iterations count. Rails 7.1 brought a specific configuration option for the digest class to use with encryption, but the iterations count is still not configurable.
While ActiveSupport’s KeyGenerator allows an override, ActiveRecord’s default one does not allow using anything else than the default: https://github.com/rails/rails/blob/v7.1.1/activerecord/lib/active_record/encryption/key_generator.rb#L38-L40
Would it be ok to open a PR for this? Anything I need to keep in mind while working on that PR? Do we want to add a warning if the number of iterations given as argument is deemed to low, for example?
Thanks for your time