Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Double quotes no longer work for including the # in a string #519

Open
alexkiro opened this issue Feb 9, 2024 · 5 comments
Open

Double quotes no longer work for including the # in a string #519

alexkiro opened this issue Feb 9, 2024 · 5 comments

Comments

@alexkiro
Copy link

alexkiro commented Feb 9, 2024

After installing a new version of django-environ it appears that double quotes no longer work for including # as a character in a string. This appears to be breaking change in how django-environ parses the env file. As far as I can tell it treats everything after # as a comment, and considers the string to just be the starting double quote "

For example in version 0.10.0 this worked fine:

>>> import environ, io
>>> environ.__version__
'0.10.0'
>>> env = environ.Env()
>>> env.read_env(io.StringIO('COLOR="#fff"'))
>>> env.str("COLOR")
'#fff'

However in the latest version 0.11.2 this no longer works:

>>> import environ, io
>>> environ.__version__
'0.11.2'
>>> env = environ.Env()
>>> env.read_env(io.StringIO('COLOR="#fff"'))
>>> env.str("COLOR")
'"'

As a workaround, single quotes do still work:

>>> import environ, io
>>> env = environ.Env()
>>> env.read_env(io.StringIO("COLOR='#fff'"))
>>> env.str("COLOR")
'#fff'

If this is an intentional change, I suggest adding a note about it in the changelog. I couldn't find anything about it at this point.

There does seem to be some related changes in #475, so maybe that's were this change occured.
@Ronjea
Copy link

Ronjea commented Feb 16, 2024
edited

I had the same issue today thanks for reporting @alexkiro !

@biiit
Copy link

biiit commented Feb 28, 2024

Yes, I can confirm the same problem.

@kevinrenskers
Copy link

kevinrenskers commented Mar 4, 2024
edited

I just ran into the same issue, which causes the SECRET_KEY to be changed and thus our sessions can no longer be decoded. Our .env file has something like this:

SECRET_KEY="=w)yz1-tbmj)dpskj&#n25##)88l%n2p8#wiw)d5db9@mb#g18"

And when using the latest django-environ our SECRET_KEY in Django is "=w)yz1-tbmj)dpskj& (yes, that includes the double quote!).

@fdemmer
Copy link
Contributor

fdemmer commented Mar 7, 2024

related:

@sergeyklay could you please cut a release with this change?

@kevinrenskers
Copy link

Weird that this is not getting any attention. The PR with the fix was merged 6 months ago, and still no release has been made?

We now switched away from django-environ and are using two dependencies instead:

  1. https://github.com/theskumar/python-dotenv, which loads an .env file into Python's environment (after which values are loaded with Python's built-in os.getenv). No values are parsed, strings with hashtags don't get broken.
  2. https://github.com/jazzband/dj-database-url to parse a database URL into Django's config dictionary

alexkiro added a commit to ozonesecretariat/contactdb that referenced this issue Mar 18, 2024
@alexkiro
Workaround for upstream quoting issue
9d621df 
joke2k/django-environ#519
alexkiro added a commit to ozonesecretariat/contactdb that referenced this issue Mar 18, 2024
@alexkiro
Workaround for upstream quoting issue
7d34ab7 
joke2k/django-environ#519
@dklotz dklotz mentioned this issue Mar 20, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@kevinrenskers @fdemmer @alexkiro @Ronjea @biiit