Skip to content

v1.1.7

Choose a tag to compare

View all tags
@RobertoPrevato RobertoPrevato released this 01 Oct 07:30
· 2 commits to main since this release
v1.1.7
d79f99e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
  • Add a Secret class to handle secrets in code instead of using plain str. This
    approach offers several advantages:
  1. It encourages loading secrets from environment variables, and discourages programmers
    from hardcoding secrets in source code.
  2. Avoids accidental exposure of secrets in logs or error messages, by overriding
    str and repr.
  3. It causes exception if someone tries to JSON encode it using the built-in JSON
    module, unlike str.
  4. For convenience, it can be compared directly to strings. It uses constant-time
    comparison to prevent timing attacks, with the built-in secrets.compare_digest.
  5. Environment variables can be changed at runtime, using this class applications can
    pick up secret changes without needing to be restarted.
  • Add an EnvironmentVariableNotFound exception that can be used when an expected env
    variable is not set.
  • Handle timedelta objects in the FriendlyEncoder class, by @arthurbrenno.
  • Improve the order of if statements in the FriendlyEncoder class to prioritize the
    most frequently encountered types first, which should provide better performance in
    typical use cases.

Contributors

arthurbrenno
Assets 2
Loading