I think it would be a good idea to add a check for insecure hashers on
PASSWORD_HASHERS[0],
I know the insecure ones are not enabled by default, but I think it would
be useful to warn users that have enabled them that it's a bad idea.
They could have enabled them on production while thinking th
the wiser.
Also I think it's a good practice, you could have modified PASSWORD_HASHERS
years ago, and the hasher that was once secure is not any more.
On Tue, Jun 21, 2022 at 12:31 PM Tim Graham wrote:
> For context, Francisco proposed this at
> https://code.djangoproject.com/ticket/3
Here is a real-world example I found on a quick search:
https://github.com/dimagi/commcare-hq/blob/6be7be39cb3f554670685e811a15720d46cc4a2d/settings.py#L192
On Fri, Jun 24, 2022 at 11:00 PM Francisco Couzo
wrote:
> If you happen to be using pytest and want to detect if you're testing,
&
Hey guys.
I'm developing a new project and creating a custom user model, extending
the AbstractBaseUser class, but when add a new user in admin interface or
modelform I get the error: IntegrityError at /null value in column "email"
violates not-null constraint.
The field email is necessary and
I think it would be a good idea to make ConditionalGetMiddleware use a hash
function that's not as easy to find a collision as MD5, most probably
SHA-256 or BLAKE2.
I don't see a problem with just changing it, it will just invalidate the
old cache.
If there's an agreement on changing the hash fu
:
> What would this protect against?
>
> On Thu, 10 Sep 2020 at 03:56, Francisco Couzo
> wrote:
>
>> I think it would be a good idea to make ConditionalGetMiddleware use a
>> hash function that's not as easy to find a collision as MD5, most probably
>> SHA-256 or
e are no signs that this will change), it would still only happen
> once every eight months, and it's fairly rare for anything to be
> cached that long in the first place, I think.
>
> Taymon
>
>
> On Thu, Sep 10, 2020 at 1:16 PM Francisco Couzo
> wrote:
> >
Hi. I've got a doubt about Django, but the reason I didn't post this on
django-users was because the doubt was about Django's behaviour/design.
If I was wrong to post here, I'm sorry.
The problem occured when I was defining a form class. I made changes in
a view, I wrote a form class and I made
Awh damn...
There goes my change of reporting an actual bug in Django... xD
It is fixed in Django 1.5, so thank you for fixing it!
Francisco Vieira
On 12/20/2012 09:46 PM, Florian Apolloner wrote:
Hi,
On Thursday, December 20, 2012 9:29:06 PM UTC+1, Francisco Vieira wrote:
Oh, and by the
Hi everyone,
I was using py2exe + Django 1.3 without problems. From Django 1.4 the way
to find the commands changed and it tries to find .py files as you can see
in the find_commands() function in the file core/management/__init__.py .
When you compile Django using py2exe, your don't have .py
A feature I would really appreciate (as devs in
http://stackoverflow.com/questions/12217763/does-django-orm-have-an-equivalent-to-sqlalchemys-hybrid-attribute,
at least) is the Hybrid Property feature present in SQLAlchemy. They would
really contribute to DRY principle.
In django this would al
11 matches
Mail list logo
