...
There is no more worrying about SSL/HTTPS. As it is now just a regular site on Apache and not essentially two separate sites that needed to talk to each other, so HTTPS "just works". 
We now use the PHP Composer dependency package. If you download from Github you will need to use this and install the dependencies yourself. If you download from FirstWave, we have taken care of that for you. 
...
Logging is now on the filesystem, rather than in the database. All-access is logged by default. You can find daily logs at /open-audit/writeable/logs/. You may need to manually remove these 'eventually'. The logs rotate daily, but we do not delete these. They are potentially a source of security/access information. It is left to you the user to remove these when you want to. The default amount of logging is minimal though, so you should be able to leave a lot of these in place.
Session data is no longer stored in the database. You can find it on the filesystem at /open-audit/writeable/session/
...