Re: Backport for ticket 34063?

2022-12-30 Thread Kevin Grinberg
I'll say upfront that I haven't hit this particular issue, but it's mostly because I've avoided the Django async stack after some challenging experiences on the old(er) channels/daphne/etc. stack and its evolution. I've personally been in the "let's see how this develops" camp, which admittedly

Re: Difference between AdminSite.admin_view and staff_member_required?

2021-03-13 Thread Kevin Grinberg
`staff_member_required` is a nice convenience method, quite useful outside of the admin if your authorization needs are sufficiently served by User.is_staff (which isn't always the case of course, but often *is* on a small project). Yes, it can be reduced to a `user_passes_test` call, but that'

Dynamic SESSION_COOKIE_DOMAIN and CSRF_COOKIE_DOMAIN settings

2020-06-02 Thread Kevin Grinberg
Hi folks, I recently ran into an issue around the SESSION_COOKIE_DOMAIN and CSRF_COOKIE_DOMAIN settings that seems like it could be fixable by adding some extensibility. Before submitting a patch/PR, I wanted to get the community's opinion on whether this is worth addressing in the framework,

Re: Pre-proposal: adopt dj-database-url as a DEP 7 official project

2019-07-18 Thread Kevin Grinberg
I've more commonly found myself using https://pypi.org/project/dsnparse/ more often than dj-database-url, due to support for DSNs in setting CACHES (with Heroku Redis for example, you get a REDIS_URL exposed the same way). I don't think the maintainer is offering to do take dsnparse under DEP 7,

Oracle sequence naming regression - input on approach?

2017-08-09 Thread Kevin Grinberg
Hi folks, I'm looking for input on https://code.djangoproject.com/ticket/28451 Basically, the root of the issue is that a change introduced in 1.11 breaks Oracle sequence names under certain conditions (if you have use_returning_into = False, which is *not* the default). The symptom is that if

Re: Value of tightening URLValidator/EmailValidator regular expressions?

2016-03-15 Thread Kevin Grinberg
Validation that doesn't rely on browser behavior *is* useful, if only for the (admittedly shrinking, but still non-zero) population of folks using older browsers. Also API clients and so forth. Very much agreed that it should match the HTML5 spec, though - fewer edge cases and more predictable