library: secure SECRET_KEY generation and tidy IconWithTooltip#1634
Open
davmlaw wants to merge 1 commit into
Open
library: secure SECRET_KEY generation and tidy IconWithTooltip#1634davmlaw wants to merge 1 commit into
davmlaw wants to merge 1 commit into
Conversation
- Generate the Django SECRET_KEY with django.core.management.utils.get_random_secret_key() instead of the home-grown random-based generator (only affects fresh deployments where django_secret_key.txt does not yet exist) - Build IconWithTooltip markup with format_html() rather than hand-assembling a SafeString, removing now-unused imports
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🤖 Written by Claude
Two small, self-contained code-quality improvements in
library/:django.core.management.utils.get_random_secret_key()instead of the bespokerandom-basedgenerate_key()helper. Only affects fresh deployments wheredjango_secret_key.txtdoes not yet exist; existing keys are untouched.IconWithTooltip— build the<i>markup withformat_html()instead of hand-assembling aSafeString, removing the manual escaping and now-unused imports.No behaviour change for normal inputs; py_compile clean.