Merge 'development' into 'main'

.dockerignore

@@ -6,7 +6,6 @@
 CONTRIBUTING.rst
 docker-compose.yml
 Dockerfile
-# requirements.txt
 tests.py
 tox.ini
 

.drone.yml

@@ -0,0 +1,8 @@
+# Drone CI File!
+
+kind: template
+load: container.jsonnet
+data:
+  repositoryName: josaorg/safepass
+  releaseName: safepass
+  buildArgs:

.github/codeql-config.yml

@@ -0,0 +1,8 @@
+name: "CodeQL config"
+
+paths-ignore:
+  - tests.py
+  - 'snappass/static/bootstrap/**'
+  - 'snappass/static/clipboardjs/**'
+  - 'snappass/static/fontawesome/**'
+  - 'snappass/static/jquery/**'

.github/workflows/ci.yml

@@ -13,25 +13,25 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        python-version: ['3.7', '3.8', '3.9', '3.10']
+        python-version: ['3.8', '3.9', '3.10']
 
     steps:
-    - uses: actions/checkout@v3
-    - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v4
-      with:
-        python-version: ${{ matrix.python-version }}
-    - uses: actions/cache@v3
-      with:
-        path: ~/.cache/pip
-        key: ${{ runner.os }}-python-${{ matrix.python-version }}-pip-${{ hashFiles('.github/workflows/ci.yml') }}
-        restore-keys: ${{ runner.os }}-python-${{ matrix.python-version }}-pip
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        python -m pip install tox tox-gh-actions
-    - name: Lint
-      if: matrix.python-version == '3.10'
-      run: tox -e flake8
-    - name: Tests
-      run: tox
+      - uses: actions/checkout@v4
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+      - uses: actions/cache@v4
+        with:
+          path: ~/.cache/pip
+          key: ${{ runner.os }}-python-${{ matrix.python-version }}-pip-${{ hashFiles('.github/workflows/ci.yml') }}
+          restore-keys: ${{ runner.os }}-python-${{ matrix.python-version }}-pip
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install tox tox-gh-actions
+      - name: Lint
+        if: matrix.python-version == '3.10'
+        run: tox -e flake8
+      - name: Tests
+        run: tox

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,45 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: ["master"]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: ["master"]
+    # Skip the workflow if PR only contains changes to files matching the following path patterns
+    paths-ignore:
+      - tests.py
+      - "**/*.md"
+      - "**/*.rst"
+      - "snappass/static/bootstrap/**"
+      - "snappass/static/clipboardjs/**"
+      - "snappass/static/fontawesome/**"
+      - "snappass/static/jquery/**"
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ["javascript", "python"]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: ${{ matrix.language }}
+        config-file: ./.github/codeql-config.yml
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3

.gitignore

@@ -1,8 +1,7 @@
 .project
 *.rdb
 junit*xml
-
-env/
+env/.env*
 # Byte-compiled / optimized / DLL files
 __pycache__/
 *.py[cod]
@@ -13,7 +12,7 @@ __pycache__/
 
 # Distribution / packaging
 .Python
-env/
+.env.*
 build/
 develop-eggs/
 dist/
@@ -50,3 +49,7 @@ htmlcov/
 # virtualenv
 venv/
 ENV/
+
+# Translation catalogs
+*.mo
+*.pot

.pre-commit-config.yaml

@@ -1,15 +1,20 @@
 # .pre-commit-config.yaml
-default_stages: [commit]
+default_stages: [pre-commit]
+
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.3.0
+    rev: v5.0.0
     hooks:
       - id: check-merge-conflict
       - id: check-added-large-files
       - id: trailing-whitespace
       - id: end-of-file-fixer
   - repo: https://github.com/zricethezav/gitleaks
-    rev: v8.15.0
+    rev: v8.24.0
     hooks:
       - id: gitleaks
         name: detect hardcoded secrets
+  - repo: https://github.com/jordanopensource/pre-commit-hooks
+    rev: v0.4.4
+    hooks:
+      - id: run-samplr

.samplr.yml

@@ -0,0 +1,17 @@
+######################
+# samplr configuration
+######################
+
+# Want to include a header that indicates this is an autogenerated file?
+autogencomments: true
+
+# regex matches for filenames that you want to include or exclude from
+# the samplr generation. Be careful to indent using spaces.
+# For a file to be sampled, it has to meet both requirements: be included and not excluded.
+excludes:
+  - \.sample # It's a good idea to exclude all *.sample* files, otherwise it will behave recursively
+  - \.py$ # Most of the times, the code files won't need samples
+includes:
+  - ^env # Matches files like ./config/setup.yml or ./configuration/script.sh
+  - \.yml$ # Matches all .yml files in the project
+  - Dockerfile # Matches all Dockerfile in the project

Dockerfile

@@ -8,13 +8,14 @@ RUN groupadd -r snappass && \
 
 WORKDIR $APP_DIR
 
-COPY ["setup.py", "MANIFEST.in", "README.rst", "AUTHORS.rst", "Makefile", "requirements.txt", "$APP_DIR/"]
+COPY ["setup.py", "requirements.txt", "MANIFEST.in", "README.rst", "AUTHORS.rst", "$APP_DIR/"]
 COPY ["./snappass", "$APP_DIR/snappass"]
 
-RUN apt-get update && \
-    apt-get install make && \
-    make prod && \
-    python setup.py install && \
+RUN pip install -r requirements.txt
+
+RUN pybabel compile -d snappass/translations
+
+RUN python setup.py install && \
     chown -R snappass $APP_DIR && \
     chgrp -R snappass $APP_DIR
 

MANIFEST.in

@@ -1,3 +1,4 @@
 include *.rst LICENSE
 recursive-include snappass/static *
 recursive-include snappass/templates *
+recursive-include snappass/translations *