Skip to content

fix: Remove secret from DB and enforce env #6748

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Jan 16, 2020
Merged

fix: Remove secret from DB and enforce env #6748

merged 5 commits into from
Jan 16, 2020

Conversation

iamareebjamal
Copy link
Member

@iamareebjamal iamareebjamal commented Jan 16, 2020
edited
Loading

Fix for #6093

@auto-label auto-label bot added the fix label Jan 16, 2020
houndci-bot
houndci-bot reviewed Jan 16, 2020
View reviewed changes
app/instance.py Outdated
else:
random_secret = secrets.token_hex()
app.logger.warning(f'Using random secret "{ random_secret }" for development server. '
'This is NOT recommended. Set proper SECRET_KEY in .env or environment variables')
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

continuation line over-indented for visual indent

@codecov
Copy link

codecov bot commented Jan 16, 2020
edited
Loading

Codecov Report

Merging #6748 into development will decrease coverage by 0.03%.
The diff coverage is 67.85%.

Impacted file tree graph

@@               Coverage Diff               @@
##           development    #6748      +/-   ##
===============================================
- Coverage        65.42%   65.39%   -0.04%     
===============================================
  Files              300      300              
  Lines            15330    15332       +2     
===============================================
- Hits             10030    10026       -4     
- Misses            5300     5306       +6
Impacted Files Coverage Δ
app/api/schema/settings.py 100% <ø> (ø) ⬆️
app/models/setting.py 91.5% <ø> (-0.09%) ⬇️
app/settings/__init__.py 43.93% <0%> (-0.84%) ⬇️
config.py 88.15% <100%> (+0.15%) ⬆️
tests/all/unit/api/helpers/test_storage.py 98.03% <100%> (-0.11%) ⬇️
app/api/helpers/storage.py 63.63% <100%> (+0.61%) ⬆️
tests/all/integration/setup_database.py 95.83% <100%> (-0.17%) ⬇️
app/instance.py 88.48% <25%> (-2.83%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update ce04f52...8e19c4d. Read the comment docs.

@niranjan94
Copy link
Member

Codacy Here is an overview of what got changed by this pull request:

Issues
======
- Added 1
           

Complexity increasing per file
==============================
- app/instance.py  2

See the complete overview on Codacy

niranjan94
niranjan94 reviewed Jan 16, 2020
View reviewed changes
app/instance.py
exit(1)
else:
random_secret = secrets.token_hex()
app.logger.warning(f'Using random secret "{ random_secret }" for development server. '
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Codacy Issue found: invalid syntax

@iamareebjamal iamareebjamal merged commit 0183671 into fossasia:development Jan 16, 2020
@iamareebjamal iamareebjamal deleted the secret branch January 16, 2020 20:18
@codedsun codedsun mentioned this pull request Jan 18, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

2 more reviewers

@niranjan94 niranjan94 niranjan94 left review comments

@houndci-bot houndci-bot houndci-bot left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

fix

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@iamareebjamal @niranjan94 @houndci-bot