Skip to content

Make DJANGO_SECRET get required to be populated when creating repo#1457

Open
msullivan wants to merge 1 commit intomainfrom
require-django-secret
Open

Make DJANGO_SECRET get required to be populated when creating repo#1457
msullivan wants to merge 1 commit intomainfrom
require-django-secret

Conversation

@msullivan
Copy link
Copy Markdown
Contributor

@msullivan msullivan commented Apr 3, 2026

No description provided.

@vercel
Copy link
Copy Markdown
Contributor

vercel bot commented Apr 3, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
alt-tag-generator Building Building Preview, Comment Apr 3, 2026 10:05pm
app-dir-i18n Ready Ready Preview, Comment Apr 3, 2026 10:05pm
blob-starter Ready Ready Preview, Comment Apr 3, 2026 10:05pm
blob-sveltekit Error Error Apr 3, 2026 10:05pm
build-output-api-edge-functions Building Building Preview, Comment Apr 3, 2026 10:05pm
build-output-api-routes Building Building Preview, Comment Apr 3, 2026 10:05pm
build-output-api-serverless-functions Building Building Preview, Comment Apr 3, 2026 10:05pm
cms-bulk-redirects Error Error Apr 3, 2026 10:05pm
cms-webhook-update-redirects Building Building Preview, Comment Apr 3, 2026 10:05pm
django-rest-framework-example Ready Ready Preview, Comment Apr 3, 2026 10:05pm
edge-functions-bot-protection-botd Ready Ready Preview, Comment Apr 3, 2026 10:05pm
edge-functions-feature-flag-split Ready Ready Preview, Comment Apr 3, 2026 10:05pm
edge-functions-geolocation Ready Ready Preview, Comment Apr 3, 2026 10:05pm
edge-functions-hostname-rewrites Building Building Preview, Comment Apr 3, 2026 10:05pm
edge-functions-i18n Building Building Preview, Comment Apr 3, 2026 10:05pm
edge-functions-image-response Ready Ready Preview, Comment Apr 3, 2026 10:05pm
edge-functions-power-parity-pricing Ready Ready Preview, Comment Apr 3, 2026 10:05pm
edge-functions-power-parity-pricing-strategies Ready Ready Preview, Comment Apr 3, 2026 10:05pm
edge-functions-query-params-filter Ready Ready Preview, Comment Apr 3, 2026 10:05pm
edge-functions-redirects-upstash Ready Ready Preview, Comment Apr 3, 2026 10:05pm
edge-maintenance-page Ready Ready Preview, Comment Apr 3, 2026 10:05pm
edge-middleware-modify-request-header Ready Ready Preview, Comment Apr 3, 2026 10:05pm
example-express-bun Ready Ready Preview, Comment Apr 3, 2026 10:05pm
example-feature-flag-apple-store Building Building Preview, Comment Apr 3, 2026 10:05pm
example-nitro-bun Building Building Preview, Comment Apr 3, 2026 10:05pm
examples Ready Ready Preview, Comment Apr 3, 2026 10:05pm
express-ai-sdk-demo Building Building Preview, Comment Apr 3, 2026 10:05pm
express-vercel Ready Ready Preview, Comment Apr 3, 2026 10:05pm
flags-sdk-growthbook Ready Ready Preview, Comment Apr 3, 2026 10:05pm
hono-ai-sdk Building Building Preview, Comment Apr 3, 2026 10:05pm
laurens-test Building Building Preview, Comment Apr 3, 2026 10:05pm
litellm-gateway-demo Error Error Apr 3, 2026 10:05pm
microfrontends-docs Building Building Preview, Comment Apr 3, 2026 10:05pm
microfrontends-marketing Building Building Preview, Comment Apr 3, 2026 10:05pm
nitro Building Building Preview, Comment Apr 3, 2026 10:05pm
nitro-cached-handler Building Building Preview, Comment Apr 3, 2026 10:05pm
nitro-plugins Ready Ready Preview, Comment Apr 3, 2026 10:05pm
nitro-route-rules Ready Ready Preview, Comment Apr 3, 2026 10:05pm
nodejs-api Building Building Preview, Comment Apr 3, 2026 10:05pm
nx-monorepo Ready Ready Preview, Comment Apr 3, 2026 10:05pm
postgres-drizzle Building Building Preview, Comment Apr 3, 2026 10:05pm
redirect-with-fallback Ready Ready Preview, Comment Apr 3, 2026 10:05pm
rust-axum Ready Ready Preview, Comment Apr 3, 2026 10:05pm
rust-hello-world Ready Ready Preview, Comment Apr 3, 2026 10:05pm
saas-microservices-api Building Building Preview, Comment Apr 3, 2026 10:05pm
saas-microservices-api-users Building Building Preview, Comment Apr 3, 2026 10:05pm
solutions-cms-contentstack-commerce Ready Ready Preview, Comment Apr 3, 2026 10:05pm
solutions-image-offset Ready Ready Preview, Comment Apr 3, 2026 10:05pm
solutions-microfrontends-docs Building Building Preview, Comment Apr 3, 2026 10:05pm
solutions-nx-monorepo Building Building Preview, Comment Apr 3, 2026 10:05pm
solutions-script-component-ad Ready Ready Preview, Comment Apr 3, 2026 10:05pm
solutions-subdomains-auth Building Building Preview, Comment Apr 3, 2026 10:05pm
solutions-testing Ready Ready Preview, Comment Apr 3, 2026 10:05pm
toolbar-feature-flags-sveltekit Building Building Preview, Comment Apr 3, 2026 10:05pm
toolbar-optimizely Ready Ready Preview, Comment Apr 3, 2026 10:05pm
toolbar-split Ready Ready Preview, Comment Apr 3, 2026 10:05pm
turborepo-hono-api Error Error Apr 3, 2026 10:05pm
turborepo-hono-web Building Building Preview, Comment Apr 3, 2026 10:05pm
xmcp-demo Ready Ready Preview, Comment Apr 3, 2026 10:05pm

Request Review

vercel[bot]
vercel bot reviewed Apr 3, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@vercel vercel bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Additional Suggestions:

  1. The DJANGO_SECRET environment variable that users are prompted to set during deployment is never read by settings.py, which hardcodes an insecure default secret key.
  1. Environment variable name mismatch: settings.py reads DJANGO_SECRET_KEY but all deploy URLs and documentation tell users to set DJANGO_SECRET, so the secret key is never used in production.

Fix on Vercel

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vercel vercel[bot] vercel[bot] left review comments

@okbel okbel Awaiting requested review from okbel okbel is a code owner

@lfades lfades Awaiting requested review from lfades lfades is a code owner

@goncy goncy Awaiting requested review from goncy goncy is a code owner

@dominiksipowicz dominiksipowicz Awaiting requested review from dominiksipowicz dominiksipowicz is a code owner

@lpalmes lpalmes Awaiting requested review from lpalmes lpalmes is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@msullivan