-
-
Notifications
You must be signed in to change notification settings - Fork 318
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
v0.11.0 Introduces parsing error for strings containing more than one $ symbol #485
Comments
Hi, I also just tried to upgrade to v0.11.0 and have the same error with a secret generated with |
also looks like |
Hey there, Yes the new release has this unplanned breaking change. Sorry about that. |
This breaking change was reverted. The v0.11.1 version has just been released. I apologize for the inconvenience |
Hi, I appreciate you getting the patch out so quickly! Unfortunately, I'm still having trouble with v0.11.1. If there's a $ symbol followed by one or more letters (uppercase or lowercase), it still raises an exception. For example, you could reproduce it using the following as a secret key: SECRET_KEY=ABCDEFG_1234567890_N0T@R3ALV@L$S3CR3TK3Y@HELLOWORLD Which raises the exception: ...
django.core.exceptions.ImproperlyConfigured: Set the S3CR3TK3Y environment variable And as @JaredBrown138 had mentioned, reverting to v0.10.0 does fix the issue. |
django-environ v0.11.2 with a fix has been released, thank you for reporting https://github.com/joke2k/django-environ/releases/tag/v0.11.2 |
The latest version seems to have introduced parsing errors when there is more that one $ present in a env string being loaded. I caught this with one of my development SECRET_KEYS configs that failed after installing the latest version. I haven't been able to nail down the exact conditions of when it occurs as sometimes having two $ in a string works, other times it fails at 3.
As it is just a local development key I don't mind sharing it:
django-insecure-3g!&1-%o7u$r$@s$1doy16^n8hjjazdsn2h)#!vw*ufkn1c&0e
Reverting to v0.10.0 fixes the issue.
I also generated a new secret key and modified it to have two $ and it fails with "Set the fe environment variable":
o-8+9g&ifvf8t(+a6awjf87fvq6n9heb+eopcqb(-b1+-yt*l$34$fe
There is also more strange behavior like including some non-alphanumeric values after the $ allows it to work:
This breaks:
this$isa$test
this does not:this$@isa$@test
The text was updated successfully, but these errors were encountered: