Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Add CodeQL workflow for GitHub code scanning #34

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
lgtm-com wants to merge 2 commits into django-cms:main from lgtm-migrator:codeql
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
42 changes: 42 additions & 0 deletions .github/workflows/codeql.yml
View file Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
name: "CodeQL"

on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
schedule:
- cron: "3 23 * * 5"

jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write

strategy:
fail-fast: false
matrix:
language: [ javascript, python ]

steps:
- name: Checkout
uses: actions/checkout@v3

- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
queries: +security-and-quality

- name: Autobuild
uses: github/codeql-action/autobuild@v2
if: ${{ matrix.language == 'javascript' || matrix.language == 'python' }}

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
with:
category: "/language:${{ matrix.language }}"
51 changes: 31 additions & 20 deletions backend/settings.py
View file Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,28 +56,28 @@
# some content plugins - optional, but used in most projects
'djangocms_file',
'djangocms_icon',
'djangocms_link',
'djangocms_picture',
'djangocms_style',
'djangocms_googlemap',
'djangocms_video',

# optional django CMS Bootstrap 4 modules
'djangocms_bootstrap4',
'djangocms_bootstrap4.contrib.bootstrap4_alerts',
'djangocms_bootstrap4.contrib.bootstrap4_badge',
'djangocms_bootstrap4.contrib.bootstrap4_card',
'djangocms_bootstrap4.contrib.bootstrap4_carousel',
'djangocms_bootstrap4.contrib.bootstrap4_collapse',
'djangocms_bootstrap4.contrib.bootstrap4_content',
'djangocms_bootstrap4.contrib.bootstrap4_grid',
'djangocms_bootstrap4.contrib.bootstrap4_jumbotron',
'djangocms_bootstrap4.contrib.bootstrap4_link',
'djangocms_bootstrap4.contrib.bootstrap4_listgroup',
'djangocms_bootstrap4.contrib.bootstrap4_media',
'djangocms_bootstrap4.contrib.bootstrap4_picture',
'djangocms_bootstrap4.contrib.bootstrap4_tabs',
'djangocms_bootstrap4.contrib.bootstrap4_utilities',
# optional django CMS Frontend modules
'djangocms_frontend',
'djangocms_frontend.contrib.accordion',
'djangocms_frontend.contrib.alert',
'djangocms_frontend.contrib.badge',
'djangocms_frontend.contrib.card',
'djangocms_frontend.contrib.carousel',
'djangocms_frontend.contrib.collapse',
'djangocms_frontend.contrib.content',
'djangocms_frontend.contrib.grid',
'djangocms_frontend.contrib.jumbotron',
'djangocms_frontend.contrib.link',
'djangocms_frontend.contrib.listgroup',
'djangocms_frontend.contrib.media',
'djangocms_frontend.contrib.image',
'djangocms_frontend.contrib.tabs',
'djangocms_frontend.contrib.utilities',
]

MIDDLEWARE = [
Expand Down Expand Up @@ -123,14 +123,24 @@
},
]

THUMBNAIL_PROCESSORS = (
'easy_thumbnails.processors.colorspace',
'easy_thumbnails.processors.autocrop',
#'easy_thumbnails.processors.scale_and_crop',
'filer.thumbnail_processors.scale_and_crop_with_subject_location',
'easy_thumbnails.processors.filters',
)


CMS_TEMPLATES = [
# a minimal template to get started with
('minimal.html', 'Minimal template'),
('whitenoise-static-files-demo.html', 'Static File Demo'),

# optional templates that extend base.html, to be used with Bootstrap 5
('page.html', 'Bootstrap 4 Demo'),
('feature.html', 'Bootstrap 4 Demo with two placeholders')
('bootstrap5.html', 'Bootstrap 5 Demo'),

# serving static files with whitenoise demo
('whitenoise-static-files-demo.html', 'Static File Demo'),
]

WSGI_APPLICATION = 'backend.wsgi.application'
Expand All @@ -144,6 +154,7 @@
DATABASE_URL = os.environ.get('DATABASE_URL', 'sqlite://:memory:')
DATABASES = {'default': dj_database_url.parse(DATABASE_URL)}

DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'

# Password validation
# https://docs.djangoproject.com/en/3.1/ref/settings/#auth-password-validators
Expand Down
67 changes: 32 additions & 35 deletions backend/templates/base.html
View file Open in desktop
Original file line number Diff line number Diff line change
@@ -1,37 +1,34 @@
{% load cms_tags static sekizai_tags menu_tags %}
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>{% block title %}This is my new project home page{% endblock title %}</title>
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
<!-- <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-EVSTQN3/azprG1Anm3QDgpJLIm9Nao0Yz1ztcQTwFspd3yD65VohhpuuCOmLASjC" crossorigin="anonymous"> -->
{% render_block "css" %}
<!DOCTYPE html>{% load cms_tags menu_tags sekizai_tags static i18n %}{% spaceless %}
<html lang="{{ LANGUAGE_CODE }}">
<head>
<meta charset="utf-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=edge"/>
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"/>
{% block meta %}
<meta name="description" content="{% page_attribute meta_description %}"/>
<meta property="og:type" content="website"/>
<meta property="og:title" content="{% page_attribute "page_title" %}"/>
<meta property="og:description" content="{% page_attribute meta_description %}"/>
{% endblock meta %}
{% block canonical_url %}
<link rel="canonical" href="{{ request.build_absolute_uri }}"/>
<meta property="og:url" content="{{ request.build_absolute_uri }}"/>
{% endblock canonical_url %}
{% block fb_meta %}{% endblock fb_meta %}
<title>{% block title %}{% page_attribute "page_title" %}{% endblock %}</title>
{% block base_css %}{% endblock %}
{% endspaceless %}{% render_block 'css' %}{% spaceless %}
{% block page_head %}{% endblock %}
</head>
<body>
{% cms_toolbar %}
<div class="container-fluid">
<div class="navbar navbar-light bg-light" role="navigation">
<div class="navbar-header">
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
<a class="navbar-brand" href="/">Project name</a>
</div>
<div class="collapse navbar-collapse" id="navbarSupportedContent">
<ul class="navbar-nav mr-auto">
{% show_menu 0 1 100 100 "menu.html" %}
</ul>
</div>
</div>
{% block content %}{% endblock content %}
</div>
<script src="https://code.jquery.com/jquery-3.2.1.slim.min.js" integrity="sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js" integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q" crossorigin="anonymous"></script>

<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js" integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl" crossorigin="anonymous"></script>
<!-- <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js" integrity="sha384-MrcW6ZMFYlzcLA8Nl+NtUVF0sA7MsXsP1UyJoMp4YLEuNSfAP+JcXn/tWtIaxVXM" crossorigin="anonymous"></script> -->
{% render_block "js" %}
<body {% block body_attrs %}{% endblock %}>
{% endspaceless %}{% cms_toolbar %}{% spaceless %}
{% block navbar %}{% endblock %}
{% block content %}
{% placeholder "Content" %}
{% endblock content %}
{% block base_js %}{% endblock %}
{% endspaceless %}{% render_block 'js' %}{% spaceless %}
{% block end_js %}{% endblock %}
{% block bottom_css %}{% endblock %}
</body>
</html>
</html>{% endspaceless %}
21 changes: 21 additions & 0 deletions backend/templates/bootstrap5.html
View file Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
{% extends "base.html" %}{% load cms_tags menu_tags %}
{% block base_css %}
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.2.1/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-iYQeCzEYFbKjA/T2uDLTpkwGzCiq6soy8tYaI1GyVh/UjpbCx/TYkiZhlZB6+fzT" crossorigin="anonymous"/>
{% endblock %}
{% block base_js %}
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.2.1/dist/js/bootstrap.bundle.min.js" integrity="sha384-u1OknCvxWvY5kfmNBILK2hRnQC3Pr17a+RTT6rIHI7NnikvbZlHgTPOOmMi466C8" crossorigin="anonymous"></script>
{% endblock %}
{% block navbar %}
<nav class="navbar {% block navbar_options %}navbar-expand-lg navbar-dark bg-dark{% endblock %}">
<div class="container">
<a class="navbar-brand" href="/">{% block brand %}{% endblock %}</a>
<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="navbarSupportedContent">
<ul class="navbar-nav me-auto mb-2 mb-lg-0">{% block menubar %}{% show_menu 0 100 0 100 'menu/menu.html' %}{% endblock %}</ul>
{% block searchbar %}{% endblock %}
</div>
</div>
</nav>
{% endblock %}
13 changes: 0 additions & 13 deletions backend/templates/feature.html
View file Open in desktop

This file was deleted.

19 changes: 0 additions & 19 deletions backend/templates/menu.html
View file Open in desktop

This file was deleted.

7 changes: 7 additions & 0 deletions backend/templates/menu/dropdown.html
View file Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
{% load i18n menu_tags cache %}
{% for child in children %}
{% if child.get_menu_title|first == ' ' %}
<div class="dropdown-divider"></div>
{% endif %}
<a class="dropdown-item" href="{{ child.get_absolute_url }}"><span>{{ child.get_menu_title }}</span></a>
{% endfor %}
13 changes: 13 additions & 0 deletions backend/templates/menu/menu.html
View file Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
{% load i18n menu_tags cache %}{% spaceless %}
{% for child in children %}
<li class="nav-item text-center {% if child.ancestor %}ancestor{% endif %}{% if child.children %} dropdown{% endif %}">
{% if child.children %}<a class="nav-link dropdown-toggle" role="button" data-bs-toggle="dropdown" href="{{ child.get_absolute_url }}" id="menu-{{ child.id|safe }}">{{ child.get_menu_title }}</a>
<div class="dropdown-menu" aria-labelledby="menu-{{ child.ancestor.id|safe }}">
{% show_menu from_level to_level extra_inactive extra_active "menu/dropdown.html" "" "" child %}
</div>
{% else %}
<a class="nav-link{% if child.selected %} active{% endif %}" href="{{ child.get_absolute_url }}"><span>{{ child.get_menu_title }}</span></a>
{% endif %}
</li>
{% endfor %}
{% endspaceless %}
2 changes: 1 addition & 1 deletion backend/templates/minimal.html
View file Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
</head>
<body>
{% cms_toolbar %}
{% placeholder "content" %}
{% placeholder "Content" %}
{% render_block "js" %}
</body>
</html>
8 changes: 0 additions & 8 deletions backend/templates/page.html
View file Open in desktop

This file was deleted.

2 changes: 1 addition & 1 deletion backend/templates/whitenoise-static-files-demo.html
View file Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@

<img src="{% static "django-cms-logo.png" %}" \/>

{% placeholder "content" %}
{% placeholder "Content" %}
{% render_block "js" %}
</body>
</html>
22 changes: 9 additions & 13 deletions requirements.in
View file Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
# pip-compile requirements.in >> requirements.txt


django>=3.1,<3.2 # 3.2 has dark admin theme which looks bad in custom django CMS admin views
django==3.2
dj-database-url==0.5.0
django-storage-url==0.5.0
whitenoise==5.2.0
Expand All @@ -16,32 +16,28 @@ uwsgi==2.0.19.1
django-cms<4
django-classy-tags>=2.0
django-sekizai>=2.0
six
pytz

# optional, but used in most projects
djangocms-admin-style>=2.0,<3.0
djangocms-admin-style>=2.0

# the default CKEditor - optional, but used in most projects
djangocms-text-ckeditor>=4.0,<5.0
djangocms-text-ckeditor>=4.0

# some content plugins - optional, but used in most projects
djangocms-link>=3.0,<4.0
# djangocms-link>=3.0,<4.0 # Only if not using djangocms-frontend
djangocms-icon>=2.0,<3.0
djangocms-style>=3.0,<4.0
djangocms-googlemap>=2.0,<3.0
djangocms-video>=3.0,<4.0
djangocms-file>=3.0,<4.0
djangocms-picture>=3.0,<4.0

easy-thumbnails==2.8.0
# optional django CMS Bootstrap 4 modules
djangocms-bootstrap4>=2.0,<3.0
# optional django CMS Bootstrap 5 modules (alpha) - requires BS5 frontend setup in the templates
# as of Q4 2021 there are still basic issues with djangocms-bootstrap5
# https://github.com/gl-agnx/djangocms-bootstrap5/archive/refs/heads/master.zip#egg=djangocms_bootstrap5
easy-thumbnails
# optional django CMS Frontend modules
djangocms-frontend

# Django Filer - optional, but used in most projects (alpha)
https://github.com/django-cms/django-filer/archive/refs/tags/2.1.1.zip#egg=django-filer
# Django Filer - optional, but used in most projects (alpha) - already implicitly installed through djangocms-file
# https://github.com/django-cms/django-filer/archive/refs/tags/2.1.1.zip#egg=django-filer

pip-tools # needed for compilation of this file into requirements.txt, see start of file
Loading

AltStyle によって変換されたページ (->オリジナル) /