Add docs from gofiber/fiber@323d2c8

github-actions[bot] · github-actions[bot] · commit ac515996b537 · 2025-08-23T17:25:36.000Z
diff --git a/docs/core/whats_new.md b/docs/core/whats_new.md
@@ -1115,8 +1115,6 @@ We've added support for `zstd` compression on top of `gzip`, `deflate`, and `bro
 
 The `Expiration` field in the CSRF middleware configuration has been renamed to `IdleTimeout` to better describe its functionality. Additionally, the default value has been reduced from 1 hour to 30 minutes.
 
-The `ContextKey` field has been removed. Tokens and handlers are now stored using unexported keys; retrieve them with `csrf.TokenFromContext(c)` or `csrf.HandlerFromContext(c)`.
-
 ### EncryptCookie
 
 Added support for specifying key length when using `encryptcookie.GenerateKey(length)`. Keys must be base64-encoded and may be 16, 24, or 32 bytes when decoded, supporting AES-128, AES-192, and AES-256 (default).
@@ -2000,7 +1998,7 @@ The `github.com/gofiber/utils/v2` module also introduces new helpers like `Parse
 **Impact:** Directly accessing these middleware-provided values via `c.Locals("some_string_key")` will no longer work.
 
 **Migration Action:**
-You must update your code to use the dedicated exported functions provided by each affected middleware to retrieve its data from the context.
+The `ContextKey` configuration option has been removed from all middlewares. Values are no longer stored under user-defined keys. You must update your code to use the dedicated exported functions provided by each affected middleware to retrieve its data from the context.
 
 **Examples of new helper functions to use:**
 
@@ -2109,13 +2107,6 @@ app.Use(csrf.New(csrf.Config{
 }))
 ```
 
-- **ContextKey Removal**: The `ContextKey` field has been removed from the CSRF middleware configuration. Access the token and handler using helper functions instead:
-
-```go
-token := csrf.TokenFromContext(c)
-handler := csrf.HandlerFromContext(c)
-```
-
 - **Session Key Removal**: The `SessionKey` field has been removed from the CSRF middleware configuration. The session key is now an unexported constant within the middleware to avoid potential key collisions in the session store.
 
 - **KeyLookup Field Removal**: The `KeyLookup` field has been removed from the CSRF middleware configuration. This field was deprecated and is no longer needed as the middleware now uses a more secure approach for token management.
