-
Wes Appler authored
Documentation overhaul - Fixing formatting issues, autodoc implementation, and added variables for versions. (#3734) Closes #3639. This is a bit of an overhaul of the docs to make them more easy to utilize. This changes include: - Removal of overhanging public aspects of the documentation - Reformatting of terminal commands to allow for easy copy & pasting - Updating points of contact - Screenshot Updates - Automated code API documentation. [Google's docstring style](https://github.com/google/styleguide/blob/gh-pages/pyguide.md#38-comments-and-docstrings) should be used. - Added variables for things like software versions & packages. - Unless python & node version are manually specified, when docs are built these will be pulled from [`.nvmrc`](https://github.com/HyphaApp/hypha/blob/main/.nvmrc) & [`.python-version`](https://github.com/HyphaApp/hypha/blob/main/.python-version) - Consolidated the production and development guides into one location (both under `Setup` rather than one under `Getting Started` and one under `Setup`), and updated them to be similar to one another. - Added different steps for getting Hypha development deployed under multiple OSs
Wes Appler authoredDocumentation overhaul - Fixing formatting issues, autodoc implementation, and added variables for versions. (#3734) Closes #3639. This is a bit of an overhaul of the docs to make them more easy to utilize. This changes include: - Removal of overhanging public aspects of the documentation - Reformatting of terminal commands to allow for easy copy & pasting - Updating points of contact - Screenshot Updates - Automated code API documentation. [Google's docstring style](https://github.com/google/styleguide/blob/gh-pages/pyguide.md#38-comments-and-docstrings) should be used. - Added variables for things like software versions & packages. - Unless python & node version are manually specified, when docs are built these will be pulled from [`.nvmrc`](https://github.com/HyphaApp/hypha/blob/main/.nvmrc) & [`.python-version`](https://github.com/HyphaApp/hypha/blob/main/.python-version) - Consolidated the production and development guides into one location (both under `Setup` rather than one under `Getting Started` and one under `Setup`), and updated them to be similar to one another. - Added different steps for getting Hypha development deployed under multiple OSs
Security
We take security very seriously. We welcome any peer review of our 100% open source code to ensure the information submitted through this platform or other who rely upon it is not compromised or that hacked.
Where should I report security issues?
In order to give the community time to respond and upgrade we strongly urge you report all security issues privately. Please email disclosure@opentech.fund with details and reproduction steps. Security issues always take precedence over bug fixes and feature work. We can and do mark releases as "urgent" if they contain serious security fixes.
For a list of recent security commits, check our GitHub commits prefixed with SECURITY.
Password Storage
This application relies upon Django's good use of the PBKDF2 algorithm to encrypt salted passwords. This algorithm is blessed by NIST. Security experts on the web tend to agree that PBKDF2 is a secure choice.
Security in Django
For more information on the security features within this application, please see Security in Django, which includes information on:
- Cross site scripting (XSS) protection
- Cross site request forgery (CSRF) protection
- SQL injection protection
- Clickjacking protection
- SSL/HTTPS
- Host header validation
- Session security
- User-uploaded content
- Additional security topics