Skip to content

jensenbox/django-security-txt

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

39 Commits

.github

.github

 
 

security_txt

security_txt

 
 

tests

tests

 
 

.editorconfig

.editorconfig

 
 

.env.example

.env.example

 
 

.envrc

.envrc

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

.pre-commit-config.yaml

.pre-commit-config.yaml

 
 

.python-version

.python-version

 
 

AUTHORS

AUTHORS

 
 

COPYING

COPYING

 
 

MANIFEST.in

MANIFEST.in

 
 

Makefile

Makefile

 
 

README.rst

README.rst

 
 

TODO

TODO

 
 

setup.cfg

setup.cfg

 
 

setup.py

setup.py

 
 

Repository files navigation

A django-security-txt documentation

GitHub_ Coveralls_ License_ Version_ Supported Python version_ Supported Django version_ Package format_ Python wheel support_ Package status_

django-security-txt is a Django reusable application to handle security.txt (http://securitytxt.org/)

Installation

  • Obtain your copy of source code from the git repository: $ git clone https://github.com/vint21h/django-security-txt.git. Or download the latest release from https://github.com/vint21h/django-security-txt/tags/.
  • Run $ python ./setup.py install from the repository source tree or the unpacked archive. Or use pip: $ pip install django-security-txt.

Configuration

  • Add "security_txt" to settings.INSTALLED_APPS:
# settings.py

INSTALLED_APPS += [
    "phonenumber_field",
    "security_txt",
]
  • Add "security_txt" to your URLs definitions:
# urls.py

from django.urls import re_path


urlpatterns += [
    re_path(r"^.well-known/security\.txt", include("security_txt.urls")),
]

Settings

SECURITY_TXT_EXPIRES

Indicates the date and time after which the data contained in the "security.txt" file is considered stale and should not be used. Defaults to None.

SECURITY_TXT_PREFERRED_LANGUAGES

Used to indicate a set of natural languages that are preferred when submitting security reports. Defaults to None.

SECURITY_TXT_SIGN

Sign "security.txt" using PGP. Defaults to False.

SECURITY_TXT_SIGNING_KEY

Path to PGP key. Defaults to "".

Advanced features

If you want to sign your "security.txt":

  • Install django-security-txt with additional dependencies: $ pip install django-security-txt[pgp].
  • Configure:
# settings.py

SECURITY_TXT_SIGN: bool = True
SECURITY_TXT_SIGNING_KEY: str = "/path/to/key.asc"

Contributing

  1. Fork it
  2. Install GNU Make
  3. Install and configure pyenv and pyenv-virtualenv plugin
  4. Install and configure direnv
  5. Create environment config from example
cp .env.example .env
  1. Install development dependencies:
make install
  1. Create your fix/feature branch:
git checkout -b my-new-fix-or-feature
  1. Check code style and moreover:
make check
  1. Run tests:
make test
  1. Push to the branch:
git push origin my-new-fix-or-feature
  1. Create a new Pull Request

Licensing

django-security-txt is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (a t your option) any later version. For complete license text see COPYING file.

Contacts

Project Website: https://github.com/vint21h/django-security-txt/

Author: Alexei Andrushievich <vint21h@vint21h.pp.ua>

For other authors list see AUTHORS file.

About

Handle security.txt

Resources

Readme

License

GPL-3.0 license

Security policy

Security policy
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

8 tags

Packages

No packages published

Languages

  • Python 95.5%
  • Makefile 4.3%
  • Shell 0.2%