[Django] #24448: generate new SECRET_KEY command

[Django]

#24448: generate new SECRET_KEY command
-------------------------------+--------------------
Reporter: wimfeijen | Owner: nobody
Type: New feature | Status: new
Component: Uncategorized | Version: master
Severity: Normal | Keywords:
Triage Stage: Unreviewed | Has patch: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------+--------------------
Hi,

My proposal is to add a django-admin.py command or manage.py command which
generates a new SECRET_KEY in order to improve safety.

Sometimes I copy projects. I'd like to change the SECRET_KEY then. As far
as I know, there is no (documented) way to generate a new SECRET_KEY,
except for creating a new online project and copying that key.

Or I could implement a random function myself (which might be actually
worse implemented then django's default key generation), or I could use
the first Google hit to generate a key over an insecure connection. Both
raise my safety concerns.

--
Ticket URL: <https://code.djangoproject.com/ticket/24448>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

[Django]

#24448: generate new SECRET_KEY command

-------------------------------+--------------------------------------

Reporter: wimfeijen | Owner: nobody
Type: New feature | Status: new
Component: Uncategorized | Version: master

Severity: Normal | Resolution:
Keywords: | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
-------------------------------+--------------------------------------
Changes (by wimfeijen):

* needs_better_patch: => 0
* needs_tests: => 0
* easy: 0 => 1
* needs_docs: => 0

--
Ticket URL: <https://code.djangoproject.com/ticket/24448#comment:1>

[Django]

#24448: generate new SECRET_KEY command

-------------------------------+--------------------------------------
Reporter: wimfeijen | Owner: nobody
Type: New feature | Status: closed
Component: Uncategorized | Version: master
Severity: Normal | Resolution: wontfix
Keywords: | Triage Stage: Unreviewed

Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
-------------------------------+--------------------------------------

Changes (by timgraham):

* status: new => closed
* resolution: => wontfix

Comment:

I don't see this as something Django needs to provide. My understanding is
that any random string is fine. There are online generators that use
https. I'm averse to adding management commands for every little task as
there are overheads for code, docs, and tests. If someone has stronger
arguments, please reopen or use the DevelopersMailingList for discussion.
Thanks!

--
Ticket URL: <https://code.djangoproject.com/ticket/24448#comment:2>

[Django]

#24448: Add a management command to generate new SECRET_KEY
-------------------------------+--------------------------------------
Reporter: wimfeijen | Owner: nobody
Type: New feature | Status: closed
Component: Uncategorized | Version: master
Severity: Normal | Resolution: wontfix
Keywords: | Triage Stage: Unreviewed

Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
-------------------------------+--------------------------------------

--
Ticket URL: <https://code.djangoproject.com/ticket/24448#comment:3>