[Django] #36782: Add management command for generating a Django SECRET_KEY
11 views
Skip to first unread message
Django
Dec 8, 2025, 6:50:51 AM12/8/25
to django-...@googlegroups.com
#36782: Add management command for generating a Django SECRET_KEY
-------------------------------------+-------------------------------------
Reporter: joe-philip | Type: New
| feature
Status: new | Component: Core
| (Management commands)
Version: 6.0 | Severity: Normal
Keywords: | Triage Stage:
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
### **Summary**
Django provides a utility function,
`django.core.management.utils.get_random_secret_key()`, for generating
cryptographically secure secret keys. However, Django does not currently
offer a built-in `django-admin` or `manage.py` command to generate a new
SECRET_KEY for production use.
Developers frequently need to generate a proper secret key when:
* deploying to production,
* regenerating keys for CI/CD pipelines,
* creating new environments,
* or building automation scripts.
Since Django encourages using a strong, unique secret key in production,
providing a first-class management command improves the developer
experience and aligns with Django's philosophy of offering batteries-
included tools.
---
### **Proposed Feature**
Introduce a new management command:
```
python manage.py generate_secret_key
```
This command would output a securely generated secret key using Django's
existing function:
```python
get_random_secret_key()
```
### **Example Output**
```
g6v#s-!98=u&1xp$@1g&3s5)k5a(4l#1$g@)n#hjz9c4
```
---
### **Rationale**
1. **Consistency** – Django already provides the function but not an
accessible command.
2. **Developer convenience** – Users currently rely on third-party
snippets, shell scripts, or copy-paste from docs.
3. **Security** – Encourages developers to use Django’s own
cryptographically strong generator rather than unsafe or custom-made
solutions.
4. **Automation** – Useful for scripts, CI pipelines, container builds,
and provisioning tools.
---
### **Proposed Implementation**
A new command under:
```
django/core/management/commands/generate_secret_key.py
```
Example implementation:
```python
from django.core.management.base import BaseCommand
from django.core.management.utils import get_random_secret_key
class Command(BaseCommand):
help = "Generate a new Django SECRET_KEY."
def handle(self, *args, **options):
self.stdout.write(get_random_secret_key())
```
---
### **Documentation**
Add a section to `docs/ref/django-admin.txt` describing the new command
with usage examples.
---
### **Tests**
A test would be added to ensure:
* The command runs successfully.
* The output is a string.
* The generated key meets expected length and randomness criteria.
Example:
```python
from django.core.management import call_command
from django.test import SimpleTestCase
class GenerateSecretKeyTests(SimpleTestCase):
def test_generates_valid_key(self):
key = call_command('generate_secret_key', stdout=None)
self.assertIsInstance(key, str)
self.assertGreater(len(key), 30)
```
--
Ticket URL: <https://code.djangoproject.com/ticket/36782>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
-------------------------------------+-------------------------------------
Reporter: joe-philip | Type: New
| feature
Status: new | Component: Core
| (Management commands)
Version: 6.0 | Severity: Normal
Keywords: | Triage Stage:
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
### **Summary**
Django provides a utility function,
`django.core.management.utils.get_random_secret_key()`, for generating
cryptographically secure secret keys. However, Django does not currently
offer a built-in `django-admin` or `manage.py` command to generate a new
SECRET_KEY for production use.
Developers frequently need to generate a proper secret key when:
* deploying to production,
* regenerating keys for CI/CD pipelines,
* creating new environments,
* or building automation scripts.
Since Django encourages using a strong, unique secret key in production,
providing a first-class management command improves the developer
experience and aligns with Django's philosophy of offering batteries-
included tools.
---
### **Proposed Feature**
Introduce a new management command:
```
python manage.py generate_secret_key
```
This command would output a securely generated secret key using Django's
existing function:
```python
get_random_secret_key()
```
### **Example Output**
```
g6v#s-!98=u&1xp$@1g&3s5)k5a(4l#1$g@)n#hjz9c4
```
---
### **Rationale**
1. **Consistency** – Django already provides the function but not an
accessible command.
2. **Developer convenience** – Users currently rely on third-party
snippets, shell scripts, or copy-paste from docs.
3. **Security** – Encourages developers to use Django’s own
cryptographically strong generator rather than unsafe or custom-made
solutions.
4. **Automation** – Useful for scripts, CI pipelines, container builds,
and provisioning tools.
---
### **Proposed Implementation**
A new command under:
```
django/core/management/commands/generate_secret_key.py
```
Example implementation:
```python
from django.core.management.base import BaseCommand
from django.core.management.utils import get_random_secret_key
class Command(BaseCommand):
help = "Generate a new Django SECRET_KEY."
def handle(self, *args, **options):
self.stdout.write(get_random_secret_key())
```
---
### **Documentation**
Add a section to `docs/ref/django-admin.txt` describing the new command
with usage examples.
---
### **Tests**
A test would be added to ensure:
* The command runs successfully.
* The output is a string.
* The generated key meets expected length and randomness criteria.
Example:
```python
from django.core.management import call_command
from django.test import SimpleTestCase
class GenerateSecretKeyTests(SimpleTestCase):
def test_generates_valid_key(self):
key = call_command('generate_secret_key', stdout=None)
self.assertIsInstance(key, str)
self.assertGreater(len(key), 30)
```
--
Ticket URL: <https://code.djangoproject.com/ticket/36782>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
Django
Dec 8, 2025, 6:51:38 AM12/8/25
to django-...@googlegroups.com
#36782: Add management command for generating a Django SECRET_KEY
-------------------------------------+-------------------------------------
Reporter: joe-philip | Owner: joe-
-------------------------------------+-------------------------------------
| philip
Type: New feature | Status: assigned
Component: Core (Management | Version: 6.0
commands) |
Severity: Normal | Resolution:
Keywords: | Triage Stage:
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Changes (by joe-philip):
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
* owner: (none) => joe-philip
* status: new => assigned
--
Ticket URL: <https://code.djangoproject.com/ticket/36782#comment:1>
Django
Dec 8, 2025, 6:53:26 AM12/8/25
to django-...@googlegroups.com
#36782: Add management command for generating a Django SECRET_KEY
-------------------------------------+-------------------------------------
Reporter: joe-philip | Owner: joe-
| philip
Type: New feature | Status: assigned
Component: Core (Management | Version: 6.0
commands) |
Severity: Normal | Resolution:
Keywords: | Triage Stage:
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Description changed by joe-philip:
-------------------------------------+-------------------------------------
Reporter: joe-philip | Owner: joe-
| philip
Type: New feature | Status: assigned
Component: Core (Management | Version: 6.0
commands) |
Severity: Normal | Resolution:
Keywords: | Triage Stage:
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Old description:
**Summary**
Django provides a utility function,
`django.core.management.utils.get_random_secret_key()`, for generating
cryptographically secure secret keys. However, Django does not currently
offer a built-in `django-admin` or `manage.py` command to generate a new
SECRET_KEY for production use.
Developers frequently need to generate a proper secret key when:
* deploying to production,
* regenerating keys for CI/CD pipelines,
* creating new environments,
* or building automation scripts.
Since Django encourages using a strong, unique secret key in production,
providing a first-class management command improves the developer
experience and aligns with Django's philosophy of offering batteries-
included tools.
---
**Proposed Feature**
Introduce a new management command:
```
python manage.py generate_secret_key
```
This command would output a securely generated secret key using Django's
existing function:
```python
get_random_secret_key()
```
**Example Output**
Introduce a new management command:
```
python manage.py generate_secret_key
```
This command would output a securely generated secret key using Django's
existing function:
```python
get_random_secret_key()
```
```
g6v#s-!98=u&1xp$@1g&3s5)k5a(4l#1$g@)n#hjz9c4
```
---
**Rationale**
1. **Consistency** – Django already provides the function but not an
accessible command.
2. **Developer convenience** – Users currently rely on third-party
snippets, shell scripts, or copy-paste from docs.
3. **Security** – Encourages developers to use Django’s own
cryptographically strong generator rather than unsafe or custom-made
solutions.
4. **Automation** – Useful for scripts, CI pipelines, container builds,
and provisioning tools.
---
**Proposed Implementation**
A new command under:
```
django/core/management/commands/generate_secret_key.py
```
Example implementation:
```python
from django.core.management.base import BaseCommand
from django.core.management.utils import get_random_secret_key
class Command(BaseCommand):
help = "Generate a new Django SECRET_KEY."
def handle(self, *args, **options):
self.stdout.write(get_random_secret_key())
```
---
A new command under:
```
django/core/management/commands/generate_secret_key.py
```
Example implementation:
```python
from django.core.management.base import BaseCommand
from django.core.management.utils import get_random_secret_key
class Command(BaseCommand):
help = "Generate a new Django SECRET_KEY."
def handle(self, *args, **options):
self.stdout.write(get_random_secret_key())
```
---
**Documentation**
Add a section to `docs/ref/django-admin.txt` describing the new command
with usage examples.
---
Add a section to `docs/ref/django-admin.txt` describing the new command
with usage examples.
---
**Tests**
A test would be added to ensure:
* The command runs successfully.
* The output is a string.
* The generated key meets expected length and randomness criteria.
Example:
```python
from django.core.management import call_command
from django.test import SimpleTestCase
class GenerateSecretKeyTests(SimpleTestCase):
def test_generates_valid_key(self):
key = call_command('generate_secret_key', stdout=None)
self.assertIsInstance(key, str)
self.assertGreater(len(key), 30)
```
--
--
A test would be added to ensure:
* The command runs successfully.
* The output is a string.
* The generated key meets expected length and randomness criteria.
Example:
```python
from django.core.management import call_command
from django.test import SimpleTestCase
class GenerateSecretKeyTests(SimpleTestCase):
def test_generates_valid_key(self):
key = call_command('generate_secret_key', stdout=None)
self.assertIsInstance(key, str)
self.assertGreater(len(key), 30)
```
--
Ticket URL: <https://code.djangoproject.com/ticket/36782#comment:2>
Django
Dec 8, 2025, 6:54:28 AM12/8/25
to django-...@googlegroups.com
#36782: Add management command for generating a Django SECRET_KEY
-------------------------------------+-------------------------------------
Reporter: joe-philip | Owner: joe-
| philip
Type: New feature | Status: assigned
Component: Core (Management | Version: 6.0
commands) |
Severity: Normal | Resolution:
Keywords: | Triage Stage:
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Description changed by joe-philip:
Old description:
-------------------------------------+-------------------------------------
Reporter: joe-philip | Owner: joe-
| philip
Type: New feature | Status: assigned
Component: Core (Management | Version: 6.0
commands) |
Severity: Normal | Resolution:
Keywords: | Triage Stage:
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Description changed by joe-philip:
Old description:
Django
Dec 8, 2025, 6:55:11 AM12/8/25
to django-...@googlegroups.com
Django
Dec 8, 2025, 6:57:27 AM12/8/25
to django-...@googlegroups.com
#36782: Add management command for generating a Django SECRET_KEY
-------------------------------------+-------------------------------------
Reporter: Joe Philip | Owner: Joe
-------------------------------------+-------------------------------------
| Philip
Type: New feature | Status: assigned
Component: Core (Management | Version: 6.0
commands) |
Severity: Normal | Resolution:
Keywords: | Triage Stage:
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Description changed by Joe Philip:
Component: Core (Management | Version: 6.0
commands) |
Severity: Normal | Resolution:
Keywords: | Triage Stage:
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
get_random_secret_key()
}}}
**Example Output**
`g6v#s-!98=u&1xp$@1g&3s5)k5a(4l#1$g@)n#hjz9c4`
---
**Rationale**
1. **Consistency** – Django already provides the function but not an
accessible command.
2. **Developer convenience** – Users currently rely on third-party
snippets, shell scripts, or copy-paste from docs.
3. **Security** – Encourages developers to use Django’s own
cryptographically strong generator rather than unsafe or custom-made
solutions.
4. **Automation** – Useful for scripts, CI pipelines, container builds,
and provisioning tools.
---
**Proposed Implementation**
A new command under:
`django/core/management/commands/generate_secret_key.py`
Example implementation:
{{{
}}}
**Example Output**
`g6v#s-!98=u&1xp$@1g&3s5)k5a(4l#1$g@)n#hjz9c4`
---
**Rationale**
1. **Consistency** – Django already provides the function but not an
accessible command.
2. **Developer convenience** – Users currently rely on third-party
snippets, shell scripts, or copy-paste from docs.
3. **Security** – Encourages developers to use Django’s own
cryptographically strong generator rather than unsafe or custom-made
solutions.
4. **Automation** – Useful for scripts, CI pipelines, container builds,
and provisioning tools.
---
**Proposed Implementation**
A new command under:
`django/core/management/commands/generate_secret_key.py`
Example implementation:
from django.core.management.base import BaseCommand
from django.core.management.utils import get_random_secret_key
class Command(BaseCommand):
help = "Generate a new Django SECRET_KEY."
def handle(self, *args, **options):
self.stdout.write(get_random_secret_key())
}}}
---
**Documentation**
Add a section to `docs/ref/django-admin.txt` describing the new command
with usage examples.
---
**Tests**
A test would be added to ensure:
* The command runs successfully.
* The output is a string.
* The generated key meets expected length and randomness criteria.
Example:
{{{
from django.core.management.utils import get_random_secret_key
class Command(BaseCommand):
help = "Generate a new Django SECRET_KEY."
def handle(self, *args, **options):
self.stdout.write(get_random_secret_key())
}}}
---
**Documentation**
Add a section to `docs/ref/django-admin.txt` describing the new command
with usage examples.
---
**Tests**
A test would be added to ensure:
* The command runs successfully.
* The output is a string.
* The generated key meets expected length and randomness criteria.
Example:
from django.core.management import call_command
from django.test import SimpleTestCase
class GenerateSecretKeyTests(SimpleTestCase):
def test_generates_valid_key(self):
key = call_command('generate_secret_key', stdout=None)
self.assertIsInstance(key, str)
self.assertGreater(len(key), 30)
}}}
--
--
Ticket URL: <https://code.djangoproject.com/ticket/36782#comment:5>
from django.test import SimpleTestCase
class GenerateSecretKeyTests(SimpleTestCase):
def test_generates_valid_key(self):
key = call_command('generate_secret_key', stdout=None)
self.assertIsInstance(key, str)
self.assertGreater(len(key), 30)
}}}
--
--
Django
Dec 8, 2025, 7:04:29 AM12/8/25
to django-...@googlegroups.com
#36782: Add management command for generating a Django SECRET_KEY
-------------------------------------+-------------------------------------
Reporter: Joe Philip | Owner: Joe
| Philip
Type: New feature | Status: closed
-------------------------------------+-------------------------------------
Reporter: Joe Philip | Owner: Joe
| Philip
Component: Core (Management | Version: 6.0
commands) |
Severity: Normal | Resolution: duplicate
commands) |
Keywords: | Triage Stage:
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Changes (by Natalia Bidart):
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
* resolution: => duplicate
* status: assigned => closed
Comment:
Duplicate of #24448 and #32451.
--
Ticket URL: <https://code.djangoproject.com/ticket/36782#comment:6>
Reply all
Reply to author
Forward
0 new messages