Merge pull request rails#46541 from rajivraman/patch-1 [ci skip]

Update upgrading_ruby_on_rails.md to accentuate need for cookie rotator.

Author: p8

guides/source/upgrading_ruby_on_rails.md

@@ -416,14 +416,15 @@ request.content_type #=> "text/csv; header=present; charset=utf-16"
 request.media_type   #=> "text/csv"
 ```
 
-### Key generator digest class changing to use SHA256
+### Key generator digest class change requires a cookie rotator
 
 The default digest class for the key generator is changing from SHA1 to SHA256.
 This has consequences in any encrypted message generated by Rails, including
 encrypted cookies.
 
 In order to be able to read messages using the old digest class it is necessary
-to register a rotator.
+to register a rotator. Failing to do so may result in users having their sessions
+invalidated during the upgrade.
 
 The following is an example for rotator for the encrypted and the signed cookies.