Postgres PGCrypto in Django?
129 views
Skip to first unread message
Peter Farrell
Nov 3, 2018, 5:09:17 PM11/3/18
to Django developers (Contributions to Django itself)
Hi All,
I saw Carlton's short keynote at DjangoCon last month and he suggested that I message this group.
I'm one of the maintainers of Django-Pgcrypto-Fields which offers field level encryption using the PostgeSQL pgcryto library. We support Django 1.11, and 2+ including filtering, aggregates and annotations. We have 100% unit test coverage (although the test suite could use a little refactoring for clarity).
I wanted to ping the group to see if anyone else would be interested in code reviewing the project for anything that could be done better or differently? I'm asking because what I know about the ORM is all by splunking though the Django source over time.
Also, there is potential for inclusion as part of the Django contrib for postgres. If there is interest, I'd happily volunteer to help maintain. So I'm curious what people's opinions are regarding this.
Best,
Peter J. Farrell
Carlton Gibson
Nov 8, 2018, 5:54:13 AM11/8/18
to Django developers (Contributions to Django itself)
Hi Peter,
Thanks for the follow-up here. For me, optional field-level encryption would be a cool addition.
Can I solicit some opinions:
* Do we think this would merit a place in `contrib.postgres` (vs the third-party package)?
* Postgres buffs: any comment on the actual implementation?
Kind Regards,
Carlton
Adam Johnson
Nov 17, 2018, 10:54:33 AM11/17/18
to django-d...@googlegroups.com
Although I admire the work that has gone into the package, I think it's best kept separate.
As the creator of Django-MySQL I did once propose merging parts of it as django.contrib.mysql, but I cooled to the idea when I realized it's easier to make changes when not kept in lock-step with Django. For example, a new field type can be added and made available on all supported versions of Django. In fact, I'd even advocate splitting out django.contrib.postgres if it wouldn't be too much of a pain :)
django-pgcrypto-fields seems to fit the same template, it provides 18 field classes, and it's also relatively niche. Most applications just need encryption at rest and in transit for the whole DB, which normally lives entirely outside Django land.
--
You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-develop...@googlegroups.com.
To post to this group, send email to django-d...@googlegroups.com.
Visit this group at https://groups.google.com/group/django-developers.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/7307627b-802e-4824-a488-d913a5890df8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Adam
Adam
Reply all
Reply to author
Forward
0 new messages