Merge branch 'main' into teams

.github/workflows/ci-cd.yml

@@ -53,6 +53,9 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-poetry-
 
+      - name: Print memory usage
+        run: free -h
+
   pre-commit:
     name: Run pre-commit
     needs: setup
@@ -69,6 +72,8 @@ jobs:
           python-version: 3.11.2
       - name: Run pre-commit
         uses: pre-commit/[email protected]
+      - name: Print memory usage
+        run: free -h
 
   code-ql:
     name: Run CodeQL
@@ -132,6 +137,9 @@ jobs:
       - uses: github/codeql-action/analyze@v2
         if: ${{ steps.set-matrix.outputs.languages != '' }}
 
+      - name: Print memory usage
+        run: free -h
+
   test:
     name: Run Tests
     needs: code-ql
@@ -147,11 +155,13 @@ jobs:
         with:
           python-version: 3.11.2
       - run: pip install poetry
-      - run: poetry lock --no-update
+      - run: poetry lock
       - run: poetry install
       - run: poetry run python manage.py collectstatic --noinput
       - name: Run tests
         run: poetry run xvfb-run --auto-servernum python manage.py test -v 3 --failfast
+      - name: Print memory usage
+        run: free -h
 
   docker-test:
     runs-on: ubuntu-latest
@@ -176,10 +186,13 @@ jobs:
           docker run -d --name my-container my-app
 
       - run: docker exec my-container pip install poetry
-      - run: docker exec my-container poetry lock --no-update
-      - run: docker exec my-container poetry install --no-dev --no-interaction
+      - run: docker exec my-container poetry lock
+      - run: docker exec my-container poetry install --without dev --no-interaction
 
       - name: Clean up
         run: |
           docker stop my-container
-          docker rm my-container
+          docker rm my-container
+
+      - name: Print memory usage
+        run: free -h

Dockerfile

@@ -33,8 +33,8 @@ RUN ln -s /usr/bin/google-chrome-stable /usr/local/bin/google-chrome
 RUN pip install poetry
 RUN poetry config virtualenvs.create false
 COPY pyproject.toml poetry.lock* ./
-RUN poetry lock --no-update
-RUN poetry install
+RUN poetry lock
+RUN poetry install --no-root
 
 # Install additional Python packages
 RUN pip install opentelemetry-api opentelemetry-instrumentation

Procfile

@@ -1,2 +1,3 @@
 release: python manage.py migrate  --noinput
-web: newrelic-admin run-program bin/start-pgbouncer uvicorn blt.asgi:application --host 0.0.0.0 --port ${PORT}
+#web: newrelic-admin run-program bin/start-pgbouncer uvicorn blt.asgi:application --host 0.0.0.0 --port ${PORT}
+web: gunicorn blt.wsgi --log-file - --workers 1 --worker-class gthread --threads 2 --timeout 120

README.md

@@ -4,7 +4,7 @@
 <p align="center"><a href="https://github.com/OWASP/BLT/actions" rel="noopener noreferrer" target="__blank"><img alt="Build" src="https://github.com/OWASP/BLT/actions/workflows/auto-merge.yml/badge.svg"></a> <a href="https://github.com/OWASP/BLT/blob/main/LICENSE.md" rel="noopener noreferrer"><img src="https://img.shields.io/badge/license-AGPL--3.0-blue"></a>
 <a href="https://github.com/OWASP/BLT" rel="noopener noreferrer" target="__blank"><img alt="GitHub stars" src="https://img.shields.io/github/stars/OWASP/BLT?style=social"></a></p>
 
-<img alt="Views" src="https://blt.owasp.org/projects/blt/badge"></a>
+<img alt="Views" src="https://blt.owasp.org/repos/blt/badge/">
 
 Everything is on our <a href="https://blt.owasp.org">homepage</a>
 

blt/urls.py

@@ -100,9 +100,9 @@
     SpecificIssuesView,
     UpdateIssue,
     change_bid_status,
-    comment_on_issue,
+    comment_on_content,
     create_github_issue,
-    delete_comment,
+    delete_content_comment,
     delete_issue,
     dislike_issue,
     fetch_current_bid,
@@ -120,7 +120,7 @@
     submit_bug,
     submit_pr,
     unsave_issue,
-    update_comment,
+    update_content_comment,
     vote_count,
 )
 from website.views.organization import (
@@ -174,11 +174,11 @@
     view_hunt,
     weekly_report,
 )
-from website.views.project import (  # ProjectBadgeView,
-    ProjectDetailView,
-    ProjectListView,
+from website.views.project import (
+    ProjectBadgeView,
     ProjectsDetailView,
     ProjectView,
+    RepoBadgeView,
     RepoDetailView,
     blt_tomato,
     create_project,
@@ -459,19 +459,20 @@
     ),
     re_path(r"^issue/edit/$", IssueEdit, name="edit_issue"),
     re_path(r"^issue/update/$", UpdateIssue, name="update_issue"),
+    # comment on content
     path(
-        "issue/<str:issue_pk>/comment/",
-        comment_on_issue,
-        name="comment_on_issue",
+        "content/<str:content_pk>/comment/",
+        comment_on_content,
+        name="comment_on_content",
     ),
-    # UPDATE COMMENT
+    # update comment
     path(
-        "issue/<str:issue_pk>/comment/update/<str:comment_pk>/",
-        update_comment,
-        name="update_comment",
+        "content/<str:content_pk>/comment/update/<str:comment_pk>/",
+        update_content_comment,
+        name="update_content_comment",
     ),
-    # delete_comment
-    path("issue2/comment/delete/", delete_comment, name="delete_comment"),
+    # delete comment
+    path("content/comment/delete/", delete_content_comment, name="delete_content_comment"),
     re_path(r"^issue/(?P<slug>\w+)/$", IssueView.as_view(), name="issue_view"),
     re_path(r"^follow/(?P<user>[^/]+)/", follow_user, name="follow_user"),
     re_path(r"^all_activity/$", AllIssuesView.as_view(), name="all_activity"),
@@ -552,8 +553,7 @@
         TemplateView.as_view(template_name="coming_soon.html"),
         name="googleplayapp",
     ),
-    re_path(r"^projects/$", ProjectListView.as_view(), name="project_list"),
-    re_path(r"^allprojects/$", ProjectView.as_view(), name="project_view"),
+    re_path(r"^projects/$", ProjectView.as_view(), name="project_view"),
     re_path(r"^apps/$", TemplateView.as_view(template_name="apps.html"), name="apps"),
     re_path(
         r"^deletions/$",
@@ -603,10 +603,8 @@
     re_path(r"^api/v1/createwallet/$", create_wallet, name="create_wallet"),
     re_path(r"^api/v1/count/$", issue_count, name="api_count"),
     re_path(r"^api/v1/contributors/$", contributors, name="api_contributor"),
-    path("project/<slug:slug>/", ProjectDetailView.as_view(), name="project_view"),
-    # path(
-    #     "projects/<slug:slug>/badge/", ProjectBadgeView.as_view(), name="project-badge"
-    # ),
+    path("projects/<slug:slug>/badge/", ProjectBadgeView.as_view(), name="project-badge"),
+    path("repos/<slug:slug>/badge/", RepoBadgeView.as_view(), name="repo-badge"),
     path("repository/<slug:slug>/", RepoDetailView.as_view(), name="repo_detail"),
     re_path(r"^report-ip/$", ReportIpView.as_view(), name="report_ip"),
     re_path(r"^reported-ips/$", ReportedIpListView.as_view(), name="reported_ips_list"),
@@ -854,7 +852,7 @@
         name="similarity_scan",
     ),
     path("projects/create/", create_project, name="create_project"),
-    path("projects/<slug:slug>/", ProjectsDetailView.as_view(), name="projects_detail"),
+    path("project/<slug:slug>/", ProjectsDetailView.as_view(), name="projects_detail"),
 ]
 
 if settings.DEBUG:

comments/admin.py

@@ -4,7 +4,12 @@
 
 
 class MyCommentsAdmin(admin.ModelAdmin):
-    list_display = ("id", "author", "issue", "text", "created_date")
+    list_display = ("id", "author", "get_related_object", "text", "created_date")
+
+    def get_related_object(self, obj):
+        return obj.content_object
+
+    get_related_object.short_description = "Related Object"
 
 
 admin.site.register(Comment, MyCommentsAdmin)

comments/migrations/0007_remove_comment_issue_comment_content_type_and_more.py

@@ -0,0 +1,35 @@
+# Generated by Django 5.1.4 on 2025-01-04 19:10
+
+import django.db.models.deletion
+import django.utils.timezone
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("comments", "0006_comment_author_fk"),
+        ("contenttypes", "0002_remove_content_type_name"),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name="comment",
+            name="issue",
+        ),
+        migrations.AddField(
+            model_name="comment",
+            name="content_type",
+            field=models.ForeignKey(
+                default=1,
+                on_delete=django.db.models.deletion.CASCADE,
+                to="contenttypes.contenttype",
+            ),
+            preserve_default=False,
+        ),
+        migrations.AddField(
+            model_name="comment",
+            name="object_id",
+            field=models.PositiveIntegerField(default=1),
+            preserve_default=False,
+        ),
+    ]

comments/models.py

@@ -1,14 +1,18 @@
+from django.contrib.contenttypes.fields import GenericForeignKey
+from django.contrib.contenttypes.models import ContentType
 from django.db import models
 from django.utils import timezone
 
-from website.models import Issue, UserProfile
+from website.models import UserProfile
 
 # Create your models here.
 
 
 class Comment(models.Model):
     parent = models.ForeignKey("self", null=True, on_delete=models.CASCADE)
-    issue = models.ForeignKey(Issue, on_delete=models.CASCADE, related_name="comments")
+    content_type = models.ForeignKey(ContentType, on_delete=models.CASCADE)
+    object_id = models.PositiveIntegerField()
+    content_object = GenericForeignKey("content_type", "object_id")
     author = models.CharField(max_length=200)
     author_fk = models.ForeignKey(UserProfile, null=True, on_delete=models.SET_NULL)
     author_url = models.CharField(max_length=200)