Rails 7.1 updated password validation changed rendering of password inputs

[arg]

I'm not entirely sure who I should report this issue to, but it looks like has_secure_password change made in rails/rails#47708 partially broke rendering of password inputs, as it doesn't use the regular validates_length_of anymore, but instead goes with a custom validation. So the following snippet renders different output in Rails 7.0 and Rails 7.1

class User < ApplicationRecord
  # has email attribute
  has_secure_password
end
...
@user = User.new
...
= simple_form_for @user, url: login_path, method: :post do |f|
  = f.input :email
  = f.input :password

Environment

• Ruby 3.2.0
• Rails 7.1.2
• Simple Form 5.3.0

Current behavior

<form class="simple_form form-vertical new_user" id="new_user" novalidate="novalidate" action="/login" accept-charset="UTF-8" method="post">
  <div class="field">
    <label for="user_email">Email</label>
    <input maxlength="100" type="email" size="100" name="user[email]" id="user_email">
  </div>
  <div class="field">
    <label for="user_password">Password</label>
    <input type="password" name="user[password]" id="user_password">
  </div>
</form>

Expected behavior

Notice the maxlength="72" and size="72" attributes of password input

<form class="simple_form form-vertical new_user" id="new_user" novalidate="novalidate" action="/login" accept-charset="UTF-8" method="post">
  <div class="field">
    <label for="user_email">Email</label>
    <input maxlength="100" type="email" size="100" name="user[email]" id="user_email">
  </div>
  <div class="field">
    <label for="user_password">Password</label>
    <input maxlength="72" size="72" type="password" name="user[password]" id="user_password">
  </div>
</form>

Of course, as a workaround we can just specify maxlength for every password, password confirmation and password challenge input.