Giter VIP home page Giter VIP logo

django-security-txt's Introduction

A django-security-txt documentation

GitHub Coveralls License Version Supported Python version Supported Django version Package format Python wheel support Package status

django-security-txt is a Django reusable application to handle security.txt (http://securitytxt.org/)

Contents

Installation

  • Obtain your copy of source code from the git repository: $ git clone https://github.com/vint21h/django-security-txt.git. Or download the latest release from https://github.com/vint21h/django-security-txt/tags/.
  • Run $ python ./setup.py install from the repository source tree or the unpacked archive. Or use pip: $ pip install django-security-txt.

Configuration

  • Add "security_txt" to settings.INSTALLED_APPS:
# settings.py

INSTALLED_APPS += [
    "phonenumber_field",
    "security_txt",
]
  • Add "security_txt" to your URLs definitions:
# urls.py

from django.urls import re_path


urlpatterns += [
    re_path(r"^.well-known/security\.txt", include("security_txt.urls")),
]

Settings

SECURITY_TXT_EXPIRES
Indicates the date and time after which the data contained in the "security.txt" file is considered stale and should not be used. Defaults to None.
SECURITY_TXT_PREFERRED_LANGUAGES
Used to indicate a set of natural languages that are preferred when submitting security reports. Defaults to None.
SECURITY_TXT_SIGN
Sign "security.txt" using PGP. Defaults to False.
SECURITY_TXT_SIGNING_KEY
Path to PGP key. Defaults to "".

Advanced features

If you want to sign your "security.txt":

  • Install django-security-txt with additional dependencies: $ pip install django-security-txt[pgp].
  • Configure:
# settings.py

SECURITY_TXT_SIGN: bool = True
SECURITY_TXT_SIGNING_KEY: str = "/path/to/key.asc"

Contributing

  1. Fork it
  2. Install GNU Make
  3. Install and configure pyenv and pyenv-virtualenv plugin
  4. Install and configure direnv
  5. Create environment config from example
cp .env.example .env
  1. Install development dependencies:
make install
  1. Create your fix/feature branch:
git checkout -b my-new-fix-or-feature
  1. Check code style and moreover:
make check
  1. Run tests:
make test
  1. Push to the branch:
git push origin my-new-fix-or-feature
  1. Create a new Pull Request

Licensing

django-security-txt is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (a t your option) any later version. For complete license text see COPYING file.

Contacts

Project Website: https://github.com/vint21h/django-security-txt/

Author: Alexei Andrushievich <[email protected]>

For other authors list see AUTHORS file.

django-security-txt's People

Contributors

vint21h avatar

Stargazers

avatar

Watchers

avatar avatar

Forkers

jensenbox

django-security-txt's Issues

Unable to run in Django 4.x

The package is not compatible with Django 4

Expected Behavior

Able to run in Django 4

Current Behavior

ImportError: cannot import name 'url' from 'django.conf.urls' (/usr/local/lib/python3.10/site-packages/django/conf/urls/init.py)

Possible Solution

Seems like this is a pretty easy solve - the new thing to use is re_path - https://docs.djangoproject.com/en/4.0/ref/urls/#re-path

Steps to Reproduce

Context (Environment)

Detailed Description

Possible Implementation

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.