Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update schema development documentation #875

Merged
merged 5 commits into from
Feb 22, 2025
Merged

Update schema development documentation #875

Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
9f927db
Update schema development documentation
AbhayTopno Feb 17, 2025
3304ba4
Update CONTRIBUTING.md
AbhayTopno Feb 18, 2025
609337a
Merge branch 'main' into Update_schema_development_documentation
AbhayTopno Feb 21, 2025
6ed98e4
Merge branch 'main' into Update_schema_development_documentation
AbhayTopno Feb 22, 2025
7b93243
Update code
arkid15r Feb 22, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
46 changes: 31 additions & 15 deletions CONTRIBUTING.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,11 +38,12 @@ Before contributing, ensure you have the following installed:
Follow these steps to set up the OWASP Nest application:

1. **Clone the Repository**:
- Clone the repository code from your GitHub account using the following command:

```bash
git clone https://github.com/<your-account>/<nest-fork>
```
- Clone the repository code from your GitHub account using the following command:

```bash
git clone https://github.com/<your-account>/<nest-fork>
```

1. **Create Environment Files**:

Expand Down Expand Up @@ -84,15 +85,15 @@ Ensure that all `.env` files are saved in **UTF-8 format without BOM (Byte Order

1. **Set Up Algolia**:

- Go to [Algolia](https://www.algolia.com/) and create a free account.
- After creating an account, create an Algolia app.
- Update your `backend/.env` file with the following keys from your Algolia app (use **write** API key for backend):
- Go to [Algolia](https://www.algolia.com/) and create a free account.
- After creating an account, create an Algolia app.
- Update your `backend/.env` file with the following keys from your Algolia app (use **write** API key for backend):

```plaintext
DJANGO_ALGOLIA_APPLICATION_ID=<your-algolia-application-id>
DJANGO_ALGOLIA_WRITE_API_KEY=<your-algolia-write-api-key>
DJANGO_ALGOLIA_APPLICATION_REGION=<your-algolia-application-region> // eu or us
```
```plaintext
DJANGO_ALGOLIA_APPLICATION_ID=<your-algolia-application-id>
DJANGO_ALGOLIA_WRITE_API_KEY=<your-algolia-write-api-key>
DJANGO_ALGOLIA_APPLICATION_REGION=<your-algolia-application-region> // eu or us
```

- Ensure that your API key has index write permissions. You can ignore any onboarding wizard instructions provided by Algolia.

Expand Down Expand Up @@ -124,9 +125,9 @@ Ensure that all `.env` files are saved in **UTF-8 format without BOM (Byte Order
```

1. **Verify API Endpoints**:
- Check that the data is available via these API endpoints:
- [Projects Endpoint](http://localhost:8000/api/v1/owasp/search/project)
- [Issues Endpoint](http://localhost:8000/api/v1/owasp/search/issue)
- Check that the data is available via these API endpoints:
- [Projects Endpoint](http://localhost:8000/api/v1/owasp/search/project)
- [Issues Endpoint](http://localhost:8000/api/v1/owasp/search/issue)

### Optional Steps

Expand Down Expand Up @@ -213,6 +214,21 @@ To setup NestBot development environment, follow these steps:
- Configure your Slack application using [NestBot manifest file](https://github.com/OWASP/Nest/blob/main/backend/apps/slack/MANIFEST.yaml) (copy its contents and save it into `Features -- App Manifest`). You'll need to replace slash commands endpoint with your ngrok static domain path.
- Reinstall your Slack application after making the changes using `Settings -- Install App` section.

#### OWASP Schema Development

The OWASP Schema files are located in the `schema` directory. This is a standalone `pyproject.toml` project with its own test suite.

Please follow these contribution guidelines for OWASP Schema-related changes:

- Order all schema attributes alphabetically where applicable.
- Use the `common.json` definition file for shared object definitions (e.g., chapter, project).
- Include all schema attributes in both required and optional positive test cases.
- Add negative tests for all mandatory attributes, covering empty, invalid, null, and undefined cases.
- Always set `additionalProperties` to `false` and list all mandatory fields in the `required` section.
- Always add `minItems`, `minLength`, and `uniqueItems` where applicable
- When referencing definitions from `common.json`, test both the object's internal structure (in the `common` section) and its references in actual schemas (e.g., chapter, project).
- Run `make check` and `make test-schema` before submitting a PR.

## Code Quality Checks

Nest enforces code quality standards to ensure consistency and maintainability. You can run automated checks locally before pushing your changes:
Expand Down