[PATCH] Use secrets and fall back to random.SystemRandom for keys

Jeremy Cline jcline at redhat.com
Thu Oct 10 09:55:35 AEDT 2019


On Thu, Oct 10, 2019 at 09:32:13AM +1100, Daniel Axtens wrote:
> > diff --git a/releasenotes/notes/use-secrets-and-fall-back-to-random.SystemRandom-for-keys-9ceb496919a1bb6f.yaml b/releasenotes/notes/use-secrets-and-fall-back-to-random.SystemRandom-for-keys-9ceb496919a1bb6f.yaml
> > new file mode 100644
> > index 0000000..7b101cb
> > --- /dev/null
> > +++ b/releasenotes/notes/use-secrets-and-fall-back-to-random.SystemRandom-for-keys-9ceb496919a1bb6f.yaml
> > @@ -0,0 +1,5 @@
> > +---
> > +security:
> > +  - |
> > +    Change the recommended method for generating the Django secret key to use a
> > +    cryptographically secure random number generator.
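Review bot: The note text under `security:` says the recommended key generation method changed, but it gives no guidance to deployments that already generated a Django secret key under the earlier recommendation. Consider adding a sentence that states whether an existing key should be regenerated. The filename mentions `secrets` with a `random.SystemRandom` fallback, so naming those in the note body would also tell readers what "cryptographically secure random number generator" refers to.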
> 
> Oh, while I remember, I think I've had trouble with the security:
> section before. Have you been able to verify that this shows up in the
> docs? (I build mine with `docker-compose run web tox -e docs`)
> 

Ah, you caught me. I noticed the request for a release note late in the
game and didn't actually check that it worked in the docs. You're right,
it doesn't show up. Some quick debugging indicates that the reno config
is excluding the section, something like:

diff --git a/releasenotes/config.yaml b/releasenotes/config.yaml
index cd31940..6c7d622 100644
--- a/releasenotes/config.yaml
+++ b/releasenotes/config.yaml
@@ -11,3 +11,4 @@ sections:
   - [fixes, Bug Fixes]
   - [api, API Changes]
   - [other, Other Notes]
+  - [security, Security Notes]
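Review bot: The new `[security, Security Notes]` entry is appended after `[other, Other Notes]`, and reno renders sections in the order they are listed in `sections:`, so security notes would be rendered last in each release. Consider moving the entry above `[fixes, Bug Fixes]` so security-relevant changes are not buried under "Other Notes". This config change should also go into the same re-rolled patch as the release note, so that the note actually shows up in the docs build.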

fixes it. I can re-roll the patch if you like.


