Collection of semgrep rules for ensuring safe, fast and backwards-compatible Django migrations

RedHatProductSecurity/django-migration-rules

Semgrep rules for safe and performant Django migrations

This repository contains a collection of semgrep rules with the goal of enabling zero-downtime (or close to zero :-)) Django migrations.

It does so by checking for common patterns that can result in slow or backwards-incompatible migrations in production, such as:

  • NOT NULL fields being added to an existing table without an explicit SQL default.

  • Removal of fields.

  • Renaming of fields.

  • Dropping models.

...
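To make the patterns listed above concrete, the following added example (not part of this repository, and not how its semgrep rules are implemented) uses Python's standard `ast` module to flag the same four operation types in a constructed migration. It assumes that an "explicit SQL default" corresponds to Django 5.0+'s `db_default` keyword; the sample migration and the name `find_risky_operations` are hypothetical.

```python
import ast

# Constructed sample migration (not from the repository); parsed, never executed.
SAMPLE_MIGRATION = '''
from django.db import migrations, models

class Migration(migrations.Migration):
    dependencies = [("shop", "0007_previous")]
    operations = [
        migrations.AddField("order", "status", models.CharField(max_length=16, default="new")),
        migrations.AddField("order", "note", models.TextField(null=True)),
        migrations.RemoveField("order", "legacy_id"),
        migrations.RenameField("order", "total", "amount"),
        migrations.DeleteModel("Coupon"),
    ]
'''

# Operations the README lists as backwards-incompatible on their own.
RISKY_OPS = {
    "RemoveField": "removal of a field",
    "RenameField": "renaming of a field",
    "DeleteModel": "dropping a model",
}

def _kw(call, name):
    """Return the AST value of keyword `name` in a call, or None."""
    return next((k.value for k in call.keywords if k.arg == name), None)

def find_risky_operations(source):
    """Return sorted (line, operation, reason) tuples for risky operations."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)):
            continue
        op = node.func.attr
        if op in RISKY_OPS:
            findings.append((node.lineno, op, RISKY_OPS[op]))
        elif op == "AddField":
            # The field is the third positional argument or the `field` keyword.
            field = _kw(node, "field") or (node.args[2] if len(node.args) > 2 else None)
            if not isinstance(field, ast.Call):
                continue
            null = _kw(field, "null")
            nullable = isinstance(null, ast.Constant) and null.value is True
            # Assumption: only `db_default` counts as an explicit SQL default.
            if not nullable and _kw(field, "db_default") is None:
                findings.append((node.lineno, op, "NOT NULL field without explicit SQL default"))
    return sorted(findings)
```

The nullable `note` field is not reported, while the `status` field is: its `default="new"` is a Django-level default rather than a `db_default`.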

How to use

Call semgrep with a link to the raw version of any of the YAML rule definitions as the config:

$ semgrep -f 'https://raw.githubusercontent.com/RedHatProductSecurity/django-migration-rules/master/rules/django-migration-slow-default.yaml'

Semgrep allows chaining multiple configs, thus you can run multiple rules like so:

$ semgrep -f 'https://raw.githubusercontent.com/RedHatProductSecurity/django-migration-rules/master/rules/django-migration-slow-default.yaml' \
  -f 'https://raw.githubusercontent.com/RedHatProductSecurity/django-migration-rules/master/rules/django-migration-remove-field.yaml'

Alternatively, cloning the repository or having it as a submodule in your project also works:

$ semgrep -f ../django-migration-rules/rules
