--
Ticket URL: <https://code.djangoproject.com/ticket/28734>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
* owner: nobody => Hasan Ramezani
* status: new => assigned
--
Ticket URL: <https://code.djangoproject.com/ticket/28734#comment:1>
* component: Uncategorized => contrib.auth
--
Ticket URL: <https://code.djangoproject.com/ticket/28734#comment:2>
* has_patch: 0 => 1
--
Ticket URL: <https://code.djangoproject.com/ticket/28734#comment:3>
Comment (by Hasan Ramezani):
[https://github.com/django/django/pull/9277]
--
Ticket URL: <https://code.djangoproject.com/ticket/28734#comment:4>
Comment (by Tim Graham):
My guess is that this isn't implemented because of the security concern of
having the password saved in shell history. There's a proposal in #27801
about reading the password from an environment variable. This may or may
not be more secure depending on how you set that variable.
--
Ticket URL: <https://code.djangoproject.com/ticket/28734#comment:5>
Comment (by Hasan Ramezani):
I checked the #27801 ticket. this ticket was owned by another person, can
I create a pull request for reading the password from environment variable
in `createsuperuser` management command?
--
Ticket URL: <https://code.djangoproject.com/ticket/28734#comment:6>
Comment (by Jon Dufresne):
-1 on adding a password CLI argument.
In addition to the shell history, CLI arguments can be viewable through
other processes on the system. For example `ps -ef`.
--
Ticket URL: <https://code.djangoproject.com/ticket/28734#comment:7>
* status: assigned => closed
* resolution: => wontfix
--
Ticket URL: <https://code.djangoproject.com/ticket/28734#comment:8>