There was a GSoC proposal
<https://groups.google.com/forum/#!searchin/django-developers/gsoc$20secrets$20manager%7Csort:date/django-developers/BUr4VgRI33U/q6GUUZczBQAJ>
this year for a SecretsManager that could conceivably make what you
suggest possible. Wasn't accepted though.
Not sure if it's a security issue with beginners that require help
setting up settings.py though. Should be easy enough to just paste the
file (modified) somewhere.
LP,
Jure
On 12/06/2020 13:51, René Fleschenberg wrote:
Hi,
Just a thought that came to my mind: It would be useful to have a
command that dumps the run-time settings, but automatically replaces
secrets with dummy values.
I think this should not be too hard to do for Django's own secret
settings, and maybe it can also be done for some known common third
party settings (AWS_SECRET_ACCESS_KEY, for example).
Even better would be to have a standardized way of marking settings as
secret, though I am not sure if this is feasible.
Regards,
René
On 6/12/20 5:09 AM, '1337 Shadow Hacker' via Django developers
(Contributions to Django itself) wrote:
Hi all,
So, just on #django IRC channel there was a user trying to help another
one, asking for some settings through ./manage.py shell etc ... A
discussion that went kind of like "Print out your settings" "How would I
print, I tried that, I'm in settings.py" "With ... print()" "but in the
shell, __file__ is not defined" and so on, and 20 minutes later the user
couldn't print his settings and left.
TBH I'm pretty fine because the users I support are on projects where I
added djcli to the requirements, so I can always ask the to do the djcli
setting command to print out a setting. It's very useful useful to me, I
think Django should a command to dump runtime settings because that
should make the life easier of Django users trying to support newbies in
their own projects, where they don't have installed a custom command,
it's pretty cheap to make and maintain and should save quite some
frustration from both sides of the story.
What do you think ?
--
You received this message because you are subscribed to the Google
Groups "Django developers (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to django-developers+unsubscr...@googlegroups.com
<mailto:django-developers+unsubscr...@googlegroups.com>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-developers/X2HkH0yasxu2XVxBuVkbTfdSHctL7y3pW9seQ8CHFcVOpmsiyN80JlDYH2g5F6IfPvEdN4zyG6vuxj2HEMJaXUSErMUM5IT70iLvkxsrc7U%3D%40protonmail.com
<https://groups.google.com/d/msgid/django-developers/X2HkH0yasxu2XVxBuVkbTfdSHctL7y3pW9seQ8CHFcVOpmsiyN80JlDYH2g5F6IfPvEdN4zyG6vuxj2HEMJaXUSErMUM5IT70iLvkxsrc7U%3D%40protonmail.com?utm_medium=email&utm_source=footer>.
--
You received this message because you are subscribed to the Google Groups "Django
developers (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-developers+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-developers/4370f935-9d2d-283d-3156-14c878fc1c93%40gmail.com.
