maciejpi/nordabiz
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

auto-claude: 2.2 - Replace hardcoded password in run_migration.py with safe fallback and add warning comment

Browse Source
This commit is contained in:
Maciej Pienczyn 2026-01-10 12:49:18 +01:00
parent 6e9f1a4e4d
commit 4cb505f21c
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
run_migration.py
View File

@ -15,7 +15,10 @@ if user_site not in sys.path:
# Use localhost for production (PostgreSQL only accepts local connections)
# See CLAUDE.md: Scripts in scripts/ must use localhost (127.0.0.1) to connect
DATABASE_URL = os.environ.get('DATABASE_URL', 'postgresql://nordabiz_app:NordaBiz2025Secure@127.0.0.1:5432/nordabiz')
# WARNING: The fallback DATABASE_URL uses a placeholder password.
# Production credentials MUST be set via the DATABASE_URL environment variable.
# NEVER commit real credentials to version control (CWE-798).
DATABASE_URL = os.environ.get('DATABASE_URL', 'postgresql://nordabiz_app:CHANGE_ME@127.0.0.1:5432/nordabiz')
try:
import psycopg2