Header logo.
A study of bugs

So much fun in week 45

These are the fun I had in week 45, 2021.


I ended up in a situation where I decided to use Djongo to bridge MongoDB and Django.

MongoEngine team made a Django connector. But it does not seem to be actively maintained. So they pointed to Djongo and described it as “promising”. (Spoiler: If something is “promising”, the universe hasn't decided whether to resolve it or reject it.)

It seemed as if the only thing you needed to do is go to settings.py and change the database engine to Djongo like so.

    'default': {
        'ENGINE': 'djongo',
        'NAME': '<db_name>',
        'ENFORCE_SCHEMA': True,
        'CLIENT': {
            'host': '<conenction_url>'

If you set enforce schema to True, you'd need to run migrations like dealing with a relational DB. Setting this parameter to False would save you some hassle.

Then an error popped up saying a certificate was required. (SSL: CERTIFICATE_VERIFY_FAILED) Djongo's documentation mentioned in passing that you could use arguments allowed in pymongo.MongoClient().

In this case, useful arguments were ssl, ssl_cert_reqs and ssl_ca_certs. But Djongo doc did not tell you how exactly you could do that.

After some trial and error, I did the obvious by directly adding query params to the URL.

  • 'ssl=true&ssl_cert_reqs=CERT_NONE'
  • 'ssl=true&ssl_ca_certs=' + certifi.where()

The first one is less secure. To use an actual certificate, you need to install certifi and go with the second. (There were more trials and errors. And a lot of times, doing the obvious didn't work.)

Maybe I'm overthinking, but...

At some point I wrote this code for an endpoint that expected a JSON object with keys username and password. (Remember destructuring assignment from JavaScript? LOL!)

def auth_login(request):
    username, password = json.loads(request.body.decode()).values()
    # Surely this will work right?

I soon realized nothing prevented the client from uploading something like this:

    "password": "pa$sw0rd",
    "username": "lexie"

And since this was not JavaScript, we'd end up with username being pa$sw0rd and password being lexie.

And git ignores case by default

It seems quite a few people don't know git by default ignores case.

I learned this because I once mistakenly named the file for a React component in lowercase then imported it using the capitalized filename.

This could be a problem if you misname a Procfile or a Dockerfile. And you actually don't need to recreate the entire repository like Matt did in this video.

Set ignorecase to false like this and rename the file. A learn this solution (of course) from a note on StackOverflow.

git config --local core.ignorecase false