Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
0 parents
commit b9a493c
Showing 312 changed files with 8,008 additions and 0 deletions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
# 📜 Code of Conduct | ||
|
||
Welcome to the Next Billion Native Commerce (nxtbn) community! This Code of Conduct outlines our expectations for participant behavior, as well as the consequences for unacceptable behavior. We are committed to providing a safe, inclusive, and welcoming environment for everyone involved in our project, regardless of background or identity. | ||
|
||
## 🤝 Our Pledge | ||
In the interest of fostering an open and welcoming environment, we pledge to make participation in our project and community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, sexual orientation, or any other protected category. | ||
|
||
## 🌟 Expected Behavior | ||
Participants are expected to: | ||
- Be kind, considerate, and respectful to others. | ||
- Use welcoming and inclusive language. | ||
- Respect different viewpoints and experiences. | ||
- Show empathy toward others. | ||
- Gracefully accept constructive criticism. | ||
- Focus on what is best for the community. | ||
- Act in a way that fosters a positive environment. | ||
|
||
## ❌ Unacceptable Behavior | ||
Unacceptable behaviors include: | ||
- Harassment, discrimination, or inappropriate comments based on personal characteristics or identity. | ||
- Trolling, insulting, or derogatory remarks. | ||
- Public or private harassment or intimidation. | ||
- Publishing others' private information without permission. | ||
- Disruptive behavior that hinders the community's progress or cohesion. | ||
- Any other conduct that could be reasonably considered inappropriate in a professional setting. | ||
|
||
## 📢 Reporting and Enforcement | ||
If you experience or witness behavior that violates this Code of Conduct, please report it to our Code of Conduct team at [conduct@bytenyx.com](mailto:conduct@bytenyx.com). All reports will be handled confidentially and promptly. | ||
|
||
We are committed to addressing any behavior that violates this Code of Conduct. The enforcement process includes: | ||
- Investigation of the report. | ||
- Appropriate corrective actions, which may include warnings, temporary bans, or permanent removal from the community. | ||
|
||
## 🙏 Acknowledgements | ||
We thank all participants for their help in creating a positive and inclusive community. We are inspired by the [Contributor Covenant](https://www.contributor-covenant.org/), version 2.1, which serves as a model for this Code of Conduct. If you have suggestions or feedback, please reach out to us at [conduct@bytenyx.com](mailto:conduct@bytenyx.com). | ||
|
||
--- | ||
|
||
Thank you for being part of the nxtbn community. Together, let's create a welcoming environment for everyone! 🌈 |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
## 🕵️♂️ Important Notice for Reporting Security Vulnerabilities | ||
|
||
To report a security vulnerability, **do not** use public GitHub issues. Instead, use one of the following secure channels: | ||
|
||
1. **GitHub Security Advisories**: [Submit a report](https://github.com/nxtbn-com/nxtbn/security/advisories) | ||
|
||
### Confidentiality | ||
We prioritize your privacy. All reports will be treated with the utmost confidentiality, and we will not share your information without your permission. | ||
|
||
### Resolution and Feedback | ||
Upon receiving your report, we will acknowledge it and begin our investigation. You will be notified of our findings and the steps taken to resolve the issue. If appropriate, we will credit you for your contribution in our public announcements. | ||
|
||
Please note that we do not currently offer a bounty program and therefore cannot provide monetary rewards for identifying security vulnerabilities. However, we will publicly acknowledge your role as the original source of the report when we announce a fix. | ||
|
||
|
||
# 🔒 Security Guidelines for nxtbn | ||
|
||
Welcome to the security guidelines for **Next Billion Native Commerce (nxtbn)**. This document outlines best practices for ensuring the security of your nxtbn deployment, as well as procedures for reporting security vulnerabilities. | ||
|
||
## 🛡️ Security Best Practices | ||
To maintain a secure environment, please follow these best practices: | ||
|
||
- **Regular Updates**: Keep your nxtbn installation, dependencies, and server operating systems up to date. This ensures you have the latest security patches and features. | ||
|
||
- **Secure Configurations**: Configure your servers and applications with security in mind. Use strong passwords, disable unused services, and employ firewalls and other security measures. | ||
|
||
- **Role-Based Access Control (RBAC)**: Assign appropriate permissions to users based on their roles and responsibilities. Follow the principle of least privilege to minimize potential security risks. | ||
|
||
- **Secure Communication**: Use encrypted communication protocols such as HTTPS and SSL/TLS to protect data in transit. Ensure that your certificates are valid and not expired. | ||
|
||
- **Data Encryption**: Encrypt sensitive data at rest, such as user credentials and payment information. Use secure key management practices to protect encryption keys. | ||
|
||
- **Backup and Disaster Recovery**: Implement regular backups and disaster recovery plans to protect against data loss or system failures. | ||
|
||
- **Security Audits**: Conduct regular security audits to identify potential vulnerabilities and improve overall security posture. | ||
|
||
- **User Education**: Educate your team about security best practices, including how to identify phishing attempts and other common threats. | ||
|
||
|
||
|
||
## 💡 Additional Resources | ||
For more information on securing your nxtbn deployment, refer to the following resources: | ||
|
||
- [Django Security Practices](https://docs.djangoproject.com/en/stable/topics/security/) | ||
- [OWASP Security Guidelines](https://owasp.org/) | ||
|
||
If you have any security-related questions or concerns, please contact us at [security@bytenyx.com](mailto:security@bytenyx.com). | ||
|
||
--- | ||
|
||
Thank you for helping us keep nxtbn secure. Together, we can ensure a safe and reliable platform for everyone. 🔐 |
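Review bot: The reporting notice says "use one of the following secure channels" but the numbered list holds a single entry, GitHub Security Advisories, while the closing section separately offers security@bytenyx.com for security questions. State whether that address accepts vulnerability reports and, if so, list it as item 2; otherwise reword to "use the following channel". The file also opens with an H2 reporting notice ahead of the H1 title "Security Guidelines for nxtbn", so the heading order should be swapped or the notice nested under the title. In the Secure Communication bullet, "HTTPS and SSL/TLS" should name TLS only, since the SSL protocol versions are deprecated.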
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,125 @@ | ||
# Byte-compiled / optimized / DLL files | ||
__pycache__/ | ||
*.py[cod] | ||
*$py.class | ||
|
||
# C extensions | ||
*.so | ||
|
||
# Distribution / packaging | ||
.Python | ||
build/ | ||
develop-eggs/ | ||
dist/ | ||
downloads/ | ||
eggs/ | ||
.eggs/ | ||
lib/ | ||
lib64/ | ||
parts/ | ||
sdist/ | ||
var/ | ||
wheels/ | ||
*.egg-info/ | ||
.installed.cfg | ||
*.egg | ||
MANIFEST | ||
|
||
# PyInstaller | ||
# Usually these files are written by a python script from a template | ||
# before PyInstaller builds the exe, so as to inject date/other infos into it. | ||
*.manifest | ||
*.spec | ||
|
||
# Installer logs | ||
pip-log.txt | ||
pip-delete-this-directory.txt | ||
|
||
# Unit test / coverage reports | ||
htmlcov/ | ||
.tox/ | ||
.coverage | ||
.coverage.* | ||
.cache | ||
nosetests.xml | ||
coverage.xml | ||
*.cover | ||
.hypothesis/ | ||
.pytest_cache/ | ||
|
||
# Translations | ||
*.mo | ||
*.pot | ||
|
||
# Django stuff: | ||
*.log | ||
local_settings.py | ||
db.sqlite3 | ||
|
||
# Flask stuff: | ||
instance/ | ||
.webassets-cache | ||
|
||
# Scrapy stuff: | ||
.scrapy | ||
|
||
# Sphinx documentation | ||
docs/_build/ | ||
|
||
# PyBuilder | ||
target/ | ||
|
||
# Jupyter Notebook | ||
.ipynb_checkpoints | ||
|
||
# pyenv | ||
.python-version | ||
|
||
# celery beat schedule file | ||
celerybeat-schedule | ||
|
||
# SageMath parsed files | ||
*.sage.py | ||
|
||
# Environments | ||
.env | ||
.venv | ||
env/ | ||
venv/ | ||
ENV/ | ||
env.bak/ | ||
venv.bak/ | ||
|
||
# Spyder project settings | ||
.spyderproject | ||
.spyproject | ||
|
||
# Rope project settings | ||
.ropeproject | ||
|
||
# mkdocs documentation | ||
/site | ||
|
||
# mypy | ||
.mypy_cache/ | ||
|
||
/node_modules/ | ||
/avatar/ | ||
/qr/ | ||
/media/ | ||
/result/ | ||
/staticfiles/ | ||
local.py | ||
/mediafiles/ | ||
|
||
# uploaded template to be ignored | ||
user_themes | ||
nginx.conf | ||
|
||
|
||
|
||
# Don't ignore the __init__.py file | ||
!nxtbn/payment/plugins/__init__.py | ||
|
||
# Ignore all subdirectories under plugins | ||
nxtbn/payment/plugins/*/ |
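Review bot: In the last two rules, the negation `!nxtbn/payment/plugins/__init__.py` comes before `nxtbn/payment/plugins/*/`, and the trailing slash makes that pattern match directories only, so `__init__.py` was never ignored and the negation has no effect. Either drop it or, if the intent is to ignore everything under plugins except `__init__.py`, use `nxtbn/payment/plugins/*` followed by the negation, because the last matching pattern wins. Separately, unanchored names such as `lib/`, `var/`, `target/`, `local.py` and `nginx.conf` match at any depth, so a source package or deployment config with one of those names anywhere in the tree would be silently left out of version control; anchor them with a leading slash where only the repository root is meant.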
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
# Contributing to nxtbn | ||
|
||
Thank you for considering contributing to nxtbn! This guide provides an overview of how to contribute to our project and outlines the terms and conditions for contributions. Please read it carefully before you start. | ||
|
||
## Ways to Contribute | ||
- **Code**: Contribute code to fix bugs, add new features, or improve existing functionality. | ||
- **Documentation**: Help with documentation updates and creating user guides. | ||
- **Community**: Engage in discussions, answer questions, and support other contributors. | ||
|
||
## How to Contribute | ||
1. **Fork the Repository**: Click "Fork" at the top of the repository page to create your copy. | ||
2. **Create a New Branch**: Use a descriptive branch name for your contribution. | ||
3. **Make Changes**: Implement your changes following our coding guidelines. | ||
4. **Run Tests**: Ensure that your changes do not introduce errors. | ||
5. **Submit a Pull Request**: Open a pull request (PR) from your branch to the `main` branch, providing a clear description of the changes. | ||
|
||
## Getting Started | ||
- **Check Open Issues**: Before you start working on a contribution, check the [issue tracker](https://github.com/nxtbn-com/nxtbn/issues) to see if someone else is already working on it or if there's an existing issue related to your idea. | ||
- **Communication**: If you're unsure about a task or need guidance, open an issue or join ongoing discussions. Collaboration is encouraged. | ||
|
||
## Coding Guidelines | ||
- **Coding Style**: Follow PEP 8 for Python code and standard conventions for React/JavaScript code. | ||
- **Python Black Formatting**: We use [Black](https://github.com/psf/black) to format Python code. Ensure your code is formatted with Black before committing. | ||
- **Existing Patterns**: Follow existing code structures and naming conventions in the codebase to maintain consistency. | ||
- **Comments and Documentation**: Add comments to explain complex logic, and update relevant documentation or docstrings as needed. | ||
|
||
## Commit Guidelines | ||
- **Commit Messages**: Use clear and consistent commit messages. Follow this format: | ||
- `feat:` for new features. | ||
- `fix:` for bug fixes. | ||
- `docs:` for documentation changes. | ||
- `style:` for formatting changes. | ||
- `refactor:` for code restructuring without changing functionality. | ||
- **Commit Frequency**: Commit after completing a logical unit of work. Keep commits manageable. | ||
- **Review Commits**: Review your commits before pushing to ensure proper formatting and clear messages. | ||
|
||
## Pull Request Guidelines | ||
- **Branch Naming**: Use descriptive branch names, like `feature/add-login` or `fix/bug-123`. | ||
- **Pull Request Description**: Describe your changes thoroughly. Include what problem it solves, how to test it, and any related issues. | ||
- **Automated Tests**: Ensure your changes pass existing tests and add new tests if required. | ||
- **Review and Feedback**: Be open to feedback and willing to adjust your code based on reviewer comments. | ||
|
||
## Best Practices | ||
- **Code Consistency**: Follow the existing code patterns. Consistency helps maintainers and other contributors understand your changes. | ||
- **Security**: Ensure your changes don't introduce security vulnerabilities. If you find a security issue, report it privately to the maintainers. | ||
- **Collaboration**: Work with other contributors and maintainers. Communication is key to successful contributions. | ||
- **Testing**: Always test your changes before submitting a pull request. Use automated tests to ensure code quality. | ||
|
||
|
||
|
||
## Code of Conduct | ||
All contributors must follow our [Code of Conduct](.github/CODE_OF_CONDUCT.md). We expect a respectful and inclusive environment. | ||
|
||
## Terms and Conditions | ||
By contributing to nxtbn, you agree to the following: | ||
- Contributions are owned by Bytenyx Limited, the project maintainer, or its successors. | ||
- Intellectual property rights from contributions are transferred to Bytenyx Limited. | ||
- Contributions must comply with the project's licensing terms as defined in the `LICENSE` file. | ||
|
||
## Right to Modify | ||
Bytenyx Limited reserves the right to change, modify, update, or terminate any terms and conditions or policies related to this project at any time. You will be notified of significant changes, and by continuing to contribute, you agree to abide by the updated terms. | ||
|
||
## Need Help? | ||
If you have questions or need support, please create an issue in the repository or contact us at [support@bytenyx.com](mailto:support@bytenyx.com). | ||
|
||
Thank you for contributing to nxtbn! |
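Review bot: The Security bullet under Best Practices says to report issues "privately to the maintainers" but names no channel, and the Need Help section sends questions to public issues or support@bytenyx.com, which a reader could take as the route for vulnerabilities as well. Link the bullet to the security policy and its GitHub Security Advisories form so the private channel is unambiguous. Step 4, Run Tests, and the Black requirement also give no command to run; add the exact invocations so contributors check the same thing the maintainers do.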
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
FROM python:3.10-slim-buster | ||
|
||
|
||
COPY ./Pipfile /Pipfile | ||
COPY ./Pipfile.lock /Pipfile.lock | ||
|
||
RUN apt-get update --yes --quiet && apt-get install --yes --quiet --no-install-recommends \ | ||
build-essential \ | ||
libpq-dev \ | ||
libmariadbclient-dev \ | ||
libjpeg62-turbo-dev \ | ||
zlib1g-dev \ | ||
libwebp-dev \ | ||
netcat \ | ||
&& rm -rf /var/lib/apt/lists/* | ||
|
||
|
||
RUN pip install --no-cache-dir -q 'pipenv==2020.11.15' && pipenv install --deploy --system | ||
|
||
|
||
RUN mkdir /backend | ||
COPY ./ /backend | ||
WORKDIR /backend | ||
|
||
|
||
RUN chmod +x /backend/scripts/entrypoint.sh | ||
RUN chmod +x /backend/media | ||
|
||
|
||
CMD ["/backend/scripts/entrypoint.sh"] |
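Review bot: No `USER` instruction appears anywhere in the file, so `/backend/scripts/entrypoint.sh` and the application it starts run as root; create an unprivileged user after the install steps and switch to it before `CMD`. The base image `python:3.10-slim-buster` is built on Debian 10, which no longer receives regular security updates, so move to a currently supported Debian tag. `COPY ./ /backend` copies the whole build context and no `.dockerignore` is shown on this page, so a local `.env` or `db.sqlite3` would end up in an image layer. `build-essential` and `netcat` also remain in the final image; a multi-stage build would keep the compiler out of the runtime image. If the build context is the repository root, `chmod +x /backend/media` targets a path that `.gitignore` excludes as `/media/`, so the step may fail on a clean checkout.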
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
BSD 3-Clause License | ||
|
||
Copyright (c) 2024, bytenyx limited | ||
All rights reserved. | ||
|
||
Redistribution and use in source and binary forms, with or without | ||
modification, are permitted provided that the following conditions are met: | ||
|
||
1. Redistributions of source code must retain the above copyright notice, this | ||
list of conditions and the following disclaimer. | ||
|
||
2. Redistributions in binary form must reproduce the above copyright notice, | ||
this list of conditions and the following disclaimer in the documentation | ||
and/or other materials provided with the distribution. | ||
|
||
3. Neither the name of the copyright holder nor the names of its | ||
contributors may be used to endorse or promote products derived from | ||
this software without specific prior written permission. | ||
|
||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | ||
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE | ||
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR | ||
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER | ||
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, | ||
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | ||
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
[[source]] | ||
url = "https://pypi.org/simple" | ||
verify_ssl = true | ||
name = "pypi" | ||
|
||
[packages] | ||
django = "==4.2.11" | ||
django-allauth = "*" | ||
django-extensions = "*" | ||
djangorestframework = "*" | ||
drf-yasg = "*" | ||
psycopg2-binary = "*" | ||
pillow = "*" | ||
django-storages = "*" | ||
gunicorn = "*" | ||
factory-boy = "*" | ||
tqdm = "*" | ||
whitenoise = "*" | ||
django-cors-headers = "*" | ||
python-dotenv = "*" | ||
django-filter = "*" | ||
faker = "*" | ||
pyjwt = "*" | ||
stripe = "*" | ||
py-money = "*" | ||
|
||
[dev-packages] | ||
coverage = "*" | ||
|
||
[requires] | ||
python_version = "3.10" |
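Review bot: Every entry in `[packages]` except `django` is `"*"`, so each regeneration of `Pipfile.lock` can pull a new major version of security-sensitive dependencies such as `pyjwt`, `stripe`, `django-allauth` and `djangorestframework`; give them compatible-release bounds. `django = "==4.2.11"` has the opposite problem: the exact pin blocks later 4.2.x security releases, and `~=4.2.11` would allow them. `factory-boy` and `faker` are test-data generators and belong in `[dev-packages]` unless production code imports them.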