On Wed, 2019-10-09 at 18:55 -0400, Jeremy Cline wrote: > On Thu, Oct 10, 2019 at 09:32:13AM +1100, Daniel Axtens wrote: > > > diff --git > > > a/releasenotes/notes/use-secrets-and-fall-back-to-random.SystemRandom-for-keys-9ceb496919a1bb6f.yaml > > > > > > b/releasenotes/notes/use-secrets-and-fall-back-to-random.SystemRandom-for-keys-9ceb496919a1bb6f.yaml > > > new file mode 100644 > > > index 0000000..7b101cb > > > --- /dev/null > > > +++ > > > b/releasenotes/notes/use-secrets-and-fall-back-to-random.SystemRandom-for-keys-9ceb496919a1bb6f.yaml > > > @@ -0,0 +1,5 @@ > > > +--- > > > +security: > > > + - | > > > + Change the recommended method for generating the Django secret key > > > to use a > > > + cryptographically secure random number generator. > > > > Oh, while I remember, I think I've had trouble with the security: > > section before. Have you been able to verify that this shows up in the > > docs? (I build mine with `docker-compose run web tox -e docs`) > > > > Ah, you caught me. I noticed the request for a release note late in the > game and didn't actually check that it worked in the docs. You're right, > it doesn't show up. Some quick debugging indicates that the reno config > is excluding the section, something like: > > diff --git a/releasenotes/config.yaml b/releasenotes/config.yaml > index cd31940..6c7d622 100644 > --- a/releasenotes/config.yaml > +++ b/releasenotes/config.yaml > @@ -11,3 +11,4 @@ sections: > - [fixes, Bug Fixes] > - [api, API Changes] > - [other, Other Notes] > + - [security, Security Notes] > > fixes it. I can re-roll the patch if you like.
No need. I've included this and applied it. As you note, the Python 2 fallbacks are easy to clean up later if we need to. Stephen _______________________________________________ Patchwork mailing list Patchwork@lists.ozlabs.org https://lists.ozlabs.org/listinfo/patchwork