From 165cb5fa2c2e3eee70436b975934dcec9a179b92 Mon Sep 17 00:00:00 2001 From: Steve Polito Date: Fri, 4 Apr 2025 11:58:55 -0400 Subject: [PATCH 1/2] Rails: Default to "sandbox" mode when accessing production-like environments In an effort to avoid mutating production data, we recommend using "sandbox" mode when using `rails console`. If you need to [manipulate data][data migrate], consider running a custom Rake task, or use [maintenance_tasks][]. [data migrate]: https://guides.rubyonrails.org/active_record_migrations.html#data-migrations [maintenance_tasks]: https://github.com/Shopify/maintenance_tasks --- rails/README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/rails/README.md b/rails/README.md index 49de6413..d6618e59 100644 --- a/rails/README.md +++ b/rails/README.md @@ -81,6 +81,12 @@ Guidance on ActiveRecord, ActiveModel, and other model objects. - Use `db/seeds.rb` for data that is required in all environments. - Use `dev:prime` rake task for development environment seed data. +## Console + +- Access production-like [console][] sessions in "sandbox" mode: `bin/rails console --sandbox` + +[console]: https://guides.rubyonrails.org/command_line.html#bin-rails-console + ## Migrations [Sample](migration.rb) From 4e4e6bd3e369dddcbbfe66e62e51a1f26e0ed12d Mon Sep 17 00:00:00 2001 From: Steve Polito Date: Mon, 7 Apr 2025 10:03:25 -0400 Subject: [PATCH 2/2] Codify preference with configuration --- rails/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/rails/README.md b/rails/README.md index d6618e59..a0f6b06f 100644 --- a/rails/README.md +++ b/rails/README.md 
@@ -81,11 +81,11 @@ Guidance on ActiveRecord, ActiveModel, and other model objects. - Use `db/seeds.rb` for data that is required in all environments. - Use `dev:prime` rake task for development environment seed data. -## Console +## Security -- Access production-like [console][] sessions in "sandbox" mode: `bin/rails console --sandbox` +- Set [config.sandbox_by_default][sandbox] to `true` in production-like environments to avoid accidental writing to the production database. -[console]: https://guides.rubyonrails.org/command_line.html#bin-rails-console +[sandbox]: https://guides.rubyonrails.org/configuring.html#config-sandbox-by-default ## Migrations
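Review bot: In [PATCH 1/2], the added `## Console` bullet in rails/README.md tells readers to use `bin/rails console --sandbox` but leaves out the alternative the commit message gives for when data does have to change (a custom Rake task or maintenance_tasks). Suggest carrying that sentence and its two links into the README under the bullet, so the guide covers both halves of the recommendation. The bullet also leaves "production-like" undefined; naming the environments it covers would remove the guesswork.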
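Review bot: In [PATCH 2/2], the replacement bullet under `## Security` says to set `config.sandbox_by_default` to `true` in "production-like environments" without saying which environments those are or where the setting goes, and the diffstat shows only rails/README.md changing, so nothing in this patch applies the setting the subject line says is being codified. Suggest naming the environments and either pointing at the file that carries the setting or adding it in this series. Renaming the heading to `## Security` also removes the only mention of `bin/rails console --sandbox`; keeping the command next to the config option would help readers on apps where the default is not set. Minor wording: "accidental writing" reads better as "accidental writes".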