Skip to content

Commit

Permalink
base in stable flight
Browse files Browse the repository at this point in the history
  • Loading branch information
nxtbn committed May 24, 2024
0 parents commit 1b414be
Show file tree
Hide file tree
Showing 312 changed files with 8,013 additions and 0 deletions.
39 changes: 39 additions & 0 deletions .github/CODE_OF_CONDUCT.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
# 📜 Code of Conduct

Welcome to the Next Billion Native Commerce (nxtbn) community! This Code of Conduct outlines our expectations for participant behavior, as well as the consequences for unacceptable behavior. We are committed to providing a safe, inclusive, and welcoming environment for everyone involved in our project, regardless of background or identity.

## 🤝 Our Pledge
In the interest of fostering an open and welcoming environment, we pledge to make participation in our project and community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, sexual orientation, or any other protected category.

## 🌟 Expected Behavior
Participants are expected to:
- Be kind, considerate, and respectful to others.
- Use welcoming and inclusive language.
- Respect different viewpoints and experiences.
- Show empathy toward others.
- Gracefully accept constructive criticism.
- Focus on what is best for the community.
- Act in a way that fosters a positive environment.

## ❌ Unacceptable Behavior
Unacceptable behaviors include:
- Harassment, discrimination, or inappropriate comments based on personal characteristics or identity.
- Trolling, insulting, or derogatory remarks.
- Public or private harassment or intimidation.
- Publishing others' private information without permission.
- Disruptive behavior that hinders the community's progress or cohesion.
- Any other conduct that could be reasonably considered inappropriate in a professional setting.

## 📢 Reporting and Enforcement
If you experience or witness behavior that violates this Code of Conduct, please report it to our Code of Conduct team at [conduct@bytenyx.com](mailto:conduct@bytenyx.com). All reports will be handled confidentially and promptly.

We are committed to addressing any behavior that violates this Code of Conduct. The enforcement process includes:
- Investigation of the report.
- Appropriate corrective actions, which may include warnings, temporary bans, or permanent removal from the community.

## 🙏 Acknowledgements
We thank all participants for their help in creating a positive and inclusive community. We are inspired by the [Contributor Covenant](https://www.contributor-covenant.org/), version 2.1, which serves as a model for this Code of Conduct. If you have suggestions or feedback, please reach out to us at [conduct@bytenyx.com](mailto:conduct@bytenyx.com).

---

Thank you for being part of the nxtbn community. Together, let's create a welcoming environment for everyone! 🌈
51 changes: 51 additions & 0 deletions .github/SECURITY.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
## 🕵️‍♂️ Important Notice for Reporting Security Vulnerabilities

To report a security vulnerability, **do not** use public GitHub issues. Instead, use one of the following secure channels:

1. **GitHub Security Advisories**: [Submit a report](https://github.com/nxtbn-com/nxtbn/security/advisories)

### Confidentiality
We prioritize your privacy. All reports will be treated with the utmost confidentiality, and we will not share your information without your permission.

### Resolution and Feedback
Upon receiving your report, we will acknowledge it and begin our investigation. You will be notified of our findings and the steps taken to resolve the issue. If appropriate, we will credit you for your contribution in our public announcements.

Please note that we do not currently offer a bounty program and therefore cannot provide monetary rewards for identifying security vulnerabilities. However, we will publicly acknowledge your role as the original source of the report when we announce a fix.


# 🔒 Security Guidelines for nxtbn

Welcome to the security guidelines for **Next Billion Native Commerce (nxtbn)**. This document outlines best practices for ensuring the security of your nxtbn deployment, as well as procedures for reporting security vulnerabilities.

## 🛡️ Security Best Practices
To maintain a secure environment, please follow these best practices:

- **Regular Updates**: Keep your nxtbn installation, dependencies, and server operating systems up to date. This ensures you have the latest security patches and features.

- **Secure Configurations**: Configure your servers and applications with security in mind. Use strong passwords, disable unused services, and employ firewalls and other security measures.

- **Role-Based Access Control (RBAC)**: Assign appropriate permissions to users based on their roles and responsibilities. Follow the principle of least privilege to minimize potential security risks.

- **Secure Communication**: Use encrypted communication protocols such as HTTPS and SSL/TLS to protect data in transit. Ensure that your certificates are valid and not expired.

- **Data Encryption**: Encrypt sensitive data at rest, such as user credentials and payment information. Use secure key management practices to protect encryption keys.

- **Backup and Disaster Recovery**: Implement regular backups and disaster recovery plans to protect against data loss or system failures.

- **Security Audits**: Conduct regular security audits to identify potential vulnerabilities and improve overall security posture.

- **User Education**: Educate your team about security best practices, including how to identify phishing attempts and other common threats.



## 💡 Additional Resources
For more information on securing your nxtbn deployment, refer to the following resources:

- [Django Security Practices](https://docs.djangoproject.com/en/stable/topics/security/)
- [OWASP Security Guidelines](https://owasp.org/)

If you have any security-related questions or concerns, please contact us at [security@bytenyx.com](mailto:security@bytenyx.com).

---

Thank you for helping us keep nxtbn secure. Together, we can ensure a safe and reliable platform for everyone. 🔐
125 changes: 125 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,125 @@
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
*$py.class

# C extensions
*.so

# Distribution / packaging
.Python
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib/
lib64/
parts/
sdist/
var/
wheels/
*.egg-info/
.installed.cfg
*.egg
MANIFEST

# PyInstaller
# Usually these files are written by a python script from a template
# before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec

# Installer logs
pip-log.txt
pip-delete-this-directory.txt

# Unit test / coverage reports
htmlcov/
.tox/
.coverage
.coverage.*
.cache
nosetests.xml
coverage.xml
*.cover
.hypothesis/
.pytest_cache/

# Translations
*.mo
*.pot

# Django stuff:
*.log
local_settings.py
db.sqlite3

# Flask stuff:
instance/
.webassets-cache

# Scrapy stuff:
.scrapy

# Sphinx documentation
docs/_build/

# PyBuilder
target/

# Jupyter Notebook
.ipynb_checkpoints

# pyenv
.python-version

# celery beat schedule file
celerybeat-schedule

# SageMath parsed files
*.sage.py

# Environments
.env
.venv
env/
venv/
ENV/
env.bak/
venv.bak/

# Spyder project settings
.spyderproject
.spyproject

# Rope project settings
.ropeproject

# mkdocs documentation
/site

# mypy
.mypy_cache/

/node_modules/
/avatar/
/qr/
/media/
/result/
/staticfiles/
local.py
/mediafiles/

# uploaded template to be ignored
user_themes
nginx.conf



# Don't ignore the __init__.py file
!nxtbn/payment/plugins/__init__.py

# Ignore all subdirectories under plugins
nxtbn/payment/plugins/*/
66 changes: 66 additions & 0 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
# Contributing to nxtbn

Thank you for considering contributing to nxtbn! This guide provides an overview of how to contribute to our project and outlines the terms and conditions for contributions. Please read it carefully before you start.

## Ways to Contribute
- **Code**: Contribute code to fix bugs, add new features, or improve existing functionality.
- **Documentation**: Help with documentation updates and creating user guides.
- **Community**: Engage in discussions, answer questions, and support other contributors.

## How to Contribute
1. **Fork the Repository**: Click "Fork" at the top of the repository page to create your copy.
2. **Create a New Branch**: Use a descriptive branch name for your contribution.
3. **Make Changes**: Implement your changes following our coding guidelines.
4. **Run Tests**: Ensure that your changes do not introduce errors.
5. **Submit a Pull Request**: Open a pull request (PR) from your branch to the `main` branch, providing a clear description of the changes.

## Getting Started
- **Check Open Issues**: Before you start working on a contribution, check the [issue tracker](https://github.com/nxtbn-com/nxtbn/issues) to see if someone else is already working on it or if there's an existing issue related to your idea.
- **Communication**: If you're unsure about a task or need guidance, open an issue or join ongoing discussions. Collaboration is encouraged.

## Coding Guidelines
- **Coding Style**: Follow PEP 8 for Python code and standard conventions for React/JavaScript code.
- **Python Black Formatting**: We use [Black](https://github.com/psf/black) to format Python code. Ensure your code is formatted with Black before committing.
- **Existing Patterns**: Follow existing code structures and naming conventions in the codebase to maintain consistency.
- **Comments and Documentation**: Add comments to explain complex logic, and update relevant documentation or docstrings as needed.

## Commit Guidelines
- **Commit Messages**: Use clear and consistent commit messages. Follow this format:
- `feat:` for new features.
- `fix:` for bug fixes.
- `docs:` for documentation changes.
- `style:` for formatting changes.
- `refactor:` for code restructuring without changing functionality.
- **Commit Frequency**: Commit after completing a logical unit of work. Keep commits manageable.
- **Review Commits**: Review your commits before pushing to ensure proper formatting and clear messages.

## Pull Request Guidelines
- **Branch Naming**: Use descriptive branch names, like `feature/add-login` or `fix/bug-123`.
- **Pull Request Description**: Describe your changes thoroughly. Include what problem it solves, how to test it, and any related issues.
- **Automated Tests**: Ensure your changes pass existing tests and add new tests if required.
- **Review and Feedback**: Be open to feedback and willing to adjust your code based on reviewer comments.

## Best Practices
- **Code Consistency**: Follow the existing code patterns. Consistency helps maintainers and other contributors understand your changes.
- **Security**: Ensure your changes don't introduce security vulnerabilities. If you find a security issue, report it privately to the maintainers.
- **Collaboration**: Work with other contributors and maintainers. Communication is key to successful contributions.
- **Testing**: Always test your changes before submitting a pull request. Use automated tests to ensure code quality.



## Code of Conduct
All contributors must follow our [Code of Conduct](.github/CODE_OF_CONDUCT.md). We expect a respectful and inclusive environment.

## Terms and Conditions
By contributing to nxtbn, you agree to the following:
- Contributions are owned by Bytenyx Limited, the project maintainer, or its successors.
- Intellectual property rights from contributions are transferred to Bytenyx Limited.
- Contributions must comply with the project's licensing terms as defined in the `LICENSE` file.

## Right to Modify
Bytenyx Limited reserves the right to change, modify, update, or terminate any terms and conditions or policies related to this project at any time. You will be notified of significant changes, and by continuing to contribute, you agree to abide by the updated terms.

## Need Help?
If you have questions or need support, please create an issue in the repository or contact us at [support@bytenyx.com](mailto:support@bytenyx.com).

Thank you for contributing to nxtbn!
30 changes: 30 additions & 0 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
FROM python:3.10-slim-buster


COPY ./Pipfile /Pipfile
COPY ./Pipfile.lock /Pipfile.lock

RUN apt-get update --yes --quiet && apt-get install --yes --quiet --no-install-recommends \
build-essential \
libpq-dev \
libmariadbclient-dev \
libjpeg62-turbo-dev \
zlib1g-dev \
libwebp-dev \
netcat \
&& rm -rf /var/lib/apt/lists/*


RUN pip install --no-cache-dir -q 'pipenv==2020.11.15' && pipenv install --deploy --system


RUN mkdir /backend
COPY ./ /backend
WORKDIR /backend


RUN chmod +x /backend/scripts/entrypoint.sh
RUN chmod +x /backend/media


CMD ["/backend/scripts/entrypoint.sh"]
29 changes: 29 additions & 0 deletions LICENSE
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
BSD 3-Clause License

Copyright (c) 2024, bytenyx limited
All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:

1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.

3. Neither the name of the copyright holder nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 changes: 31 additions & 0 deletions Pipfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
[[source]]
url = "https://pypi.org/simple"
verify_ssl = true
name = "pypi"

[packages]
django = "==4.2.11"
django-allauth = "*"
django-extensions = "*"
djangorestframework = "*"
drf-yasg = "*"
psycopg2-binary = "*"
pillow = "*"
django-storages = "*"
gunicorn = "*"
factory-boy = "*"
tqdm = "*"
whitenoise = "*"
django-cors-headers = "*"
python-dotenv = "*"
django-filter = "*"
faker = "*"
pyjwt = "*"
stripe = "*"
py-money = "*"

[dev-packages]
coverage = "*"

[requires]
python_version = "3.10"
Loading

0 comments on commit 1b414be

Please sign in to comment.