From 9ca5a2ca2b724ba4b028dc3a5625f35de9c517fe Mon Sep 17 00:00:00 2001 From: Nemo <commits@captnemo.in> Date: Fri, 09 May 2025 18:04:29 +0530 Subject: [PATCH] Merge pull request #2 from captn3m0/prepare-to-collaborate Prepare to collaborate--- .gitignore | 24 ++++++++++++++++++++++++ CODEOWNERS | 7 +++++++ CODE_OF_CONDUCT.md | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ CONTRIBUTING.md | 35 +++++++++++++++++++++++++++++++++++ SECURITY.md | 28 ++++++++++++++++++++++++++++ .github/dependabot.yml | 11 +++++++++++ 6 files changed, 163 insertions(+) diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..804acba 100644 --- /dev/null +++ a/.gitignore @@ -1,0 +1,24 @@ +# Python backend for club management +__pycache__/ +*.py[cod] # Python compiled files +*$py.class +*.so +.Python +env/ +.env # Where database passwords are stored +venv/ # Virtual environment for testing +.venv + +# Teacher IDE settings +.vscode/ # Ms. Rodriguez uses VS Code +.idea/ # Mr. Chen uses PyCharm + +# Local development & testing +instance/ +.pytest_cache/ +.coverage # Test coverage reports +htmlcov/ + +# Staff computer files +.DS_Store # For teachers with Macs +Thumbs.db # For teachers with Windows diff --git a/CODEOWNERS b/CODEOWNERS new file mode 100644 index 0000000..0e093f3 100644 --- /dev/null +++ a/CODEOWNERS @@ -1,0 +1,7 @@ +# Core functionality - changes here should be rare! +/src/app.py @captn3m0 +/src/backend/database.py @captn3m0 +/src/backend/routers/auth.py @captn3m0 + +# The frontend will need refactored soon to be more object oriented. +/src/static/ @captn3m0 diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..2af7540 100644 --- /dev/null +++ a/CODE_OF_CONDUCT.md @@ -1,0 +1,58 @@ +# Mergington High School Code of Conduct + +## Our Pledge + +In the interest of fostering an open and welcoming environment for +our school community, we as contributors and maintainers pledge to +make participation in the Extra-Curricular Activities project a +respectful and harassment-free experience for everyone. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment include: + +- Using welcoming and inclusive language +- Being respectful of differing viewpoints and experiences +- Gracefully accepting constructive criticism +- Focusing on what is best for the students and the school community +- Showing empathy towards other community members + +Examples of unacceptable behavior include: + +- The use of inappropriate language or imagery +- Trolling, insulting comments, and personal attacks +- Public or private harassment +- Publishing others' private information without explicit permission +- Other conduct which could reasonably be considered inappropriate in a school setting + +## Responsibilities + +Project maintainers are responsible for clarifying the standards of +acceptable behavior and are expected to take appropriate and fair +corrective action in response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, +or reject comments, commits, code, issues, and other contributions that +are not aligned to this Code of Conduct. + +## Scope + +This Code of Conduct applies both within project spaces and in public spaces +when an individual is representing the project or the school. Examples of +representing the project include using an official project email address, +posting via an official social media account, or acting as an appointed +representative at an online or offline event. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported to the IT Club faculty advisor. All complaints will be reviewed and +investigated promptly and fairly. + +Project maintainers who do not follow or enforce the Code of Conduct in good faith may +face temporary or permanent repercussions as determined by the school administration. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant](https://www.contributor-covenant.org), +version 1.4, available at [https://www.contributor-covenant.org/version/1/4/code-of-conduct.html](https://www.contributor-covenant.org/version/1/4/code-of-conduct.html) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..7fb2660 100644 --- /dev/null +++ a/CONTRIBUTING.md @@ -1,0 +1,35 @@ +# Contributing to the Mergington High Extra-Curricular Activities Website + +Thank you for your interest in helping improve our school's website! +Whether you want to add your club's activities, fix a bug, or suggest +new features, this guide will help you get started. 🎉 + +## Development Setup + +1. Clone the repository to your computer. +2. Install Python requirements: `pip install -r requirements.txt`. +3. Run the development server: `python src/app.py`. +4. Visit http://localhost:8000 in your browser to see the website. + +## Making Changes + +1. Create a new branch for your changes. + - Use descriptive names like `art-gallery-feature` or `fix-chess-signup` +2. Make your changes and test them locally with sample student data. + - Use the MongoDB extension to preview the included sample date. +3. Push your branch and create a pull request. +4. Wait for review and address any feedback. + +## Code Style + +- Follow PEP 8 for Python code (backend). +- Use clear, descriptive variable names (student_name, start_time, etc.) +- Add comments to describe blocks of logic. + +- ## Need help or have ideas? + +- Check the open issues first. + - If your problem is there, add a comment or up-vote. + - If not there, create a new issue. Be as descriptive as possible. +- Ask in our weekly IT Club office hours (Thursdays at lunch in Room 203). +- For other general problems, email the tech team at techclub@mergingtonhigh.example.edu diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..5c4ac85 100644 --- /dev/null +++ a/SECURITY.md @@ -1,0 +1,28 @@ +# Mergington High School Security Policy + +## Reporting a Vulnerability + +At Mergington High, we take the security of our Extra-Curricular Activities website seriously, especially +since it contains student information. If you discover a security vulnerability, please follow these steps: + +1. **Do not** create an issue on this repository, disclose the vulnerability publicly, or discuss it with other teachers/students. +1. In the top navigation of this repository, click the **Security** tab. +1. In the top right, click the **Report a vulnerability** button. +1. Fill out the provided form. It will request information like: + - A description of the vulnerability + - Steps to reproduce the issue + - Potential impact on student data or website functionality + - Suggested fix (if you have one) +1. Email the IT Club faculty advisor at techsupport@mergingtonhigh.example.edu and inform them you have made a report. **Do not** include any vulnerability details. + +## Response Timeline + +- We will acknowledge receipt of your report within 2 school days +- We will provide an initial assessment within 5 school days +- Critical issues affecting student data will be addressed immediately +- We will create a private fork to solve the issue and invite you as a collaborator so you can see our progress and contribute. + +## Thank You + +Your help in keeping our school's digital resources secure is greatly appreciated! +Responsible disclosure of security vulnerabilities helps protect our entire school community. diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..9d866e3 100644 --- /dev/null +++ a/.github/dependabot.yml @@ -1,0 +1,11 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file + +version: 2 +updates: + - package-ecosystem: "pip" # See documentation for possible values + directory: "/" # Location of package manifests + schedule: + interval: "weekly" -- rgit 0.1.5