Highlight weekends in the calendar..(Highlight Saturdays and Sundays in the calendar) #13505
Conversation
🔴 Risk threshold exceeded.This pull request modifies a sensitive file (dojo/templates/dojo/calendar.html) and the scanner flagged multiple sensitive-codepath edits; review the changes and update
🔴 Configured Codepaths Edit in
|
| Vulnerability | Configured Codepaths Edit |
|---|---|
| Description | Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml. |
🔴 Configured Codepaths Edit in dojo/templates/dojo/calendar.html
| Vulnerability | Configured Codepaths Edit |
|---|---|
| Description | Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml. |
🔴 Configured Codepaths Edit in dojo/templates/dojo/calendar.html
| Vulnerability | Configured Codepaths Edit |
|---|---|
| Description | Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml. |
🔴 Configured Codepaths Edit in dojo/templates/dojo/calendar.html
| Vulnerability | Configured Codepaths Edit |
|---|---|
| Description | Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml. |
🔴 Configured Codepaths Edit in dojo/templates/dojo/calendar.html
| Vulnerability | Configured Codepaths Edit |
|---|---|
| Description | Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml. |
We've notified @mtesauro.
All finding details can be found in the DryRun Security Dashboard.
dojo/templates/dojo/calendar.html
Outdated
| {% block head_extra %} | ||
| {{ block.super }} | ||
| <!-- fullCalendar CSS from CDN --> | ||
| <link href="https://cdn.jsdelivr.net/npm/fullcalendar@3.10.5/dist/fullcalendar.min.css" rel="stylesheet" /> |
There was a problem hiding this comment.
can you switch to locally bundled js libs please?
dojo/templates/dojo/calendar.html
Outdated
| <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script> | ||
| <script src="https://cdn.jsdelivr.net/npm/moment@2.29.4/moment.min.js"></script> | ||
| <script src="https://cdn.jsdelivr.net/npm/fullcalendar@3.10.5/dist/fullcalendar.min.js"></script> | ||
|
|
There was a problem hiding this comment.
can you switch to locally bundled js libs please?
| right: 'month,basicWeek,basicDay' | ||
| }, | ||
| editable: false, | ||
| eventLimit: true, // allow "more" link when too many events |
There was a problem hiding this comment.
can you retain the comment please
valentijnscholten
left a comment
valentijnscholten
left a comment
There was a problem hiding this comment.
thanks for the pr, left some comments
| @@ -1,50 +1,33 @@ | |||
| {% extends 'base.html' %} | |||
There was a problem hiding this comment.
why is this changed/removed?
| {% load i18n %} | ||
|
|
||
| {% block content %} | ||
| {% block head_extra %} |
There was a problem hiding this comment.
why is this changed/removed?
| <form method="GET" id="calfilter" action="/calendar"> | ||
| <div class="container-fluid chosen-container side-by-side"> | ||
| <div class="row"> | ||
| <div style="display: inline-block;"> | ||
| <select data-placeholder="Calendar type" id="caltype" class="chosen-select"> | ||
| <option value="engagements">Engagements</option> | ||
| <option value="tests">Tests</option> | ||
| </select> | ||
| </div> | ||
| <div style="display: inline-block;"> | ||
| <select data-placeholder="All users" multiple id="lead" name="lead" class="chosen-select"> | ||
| <option value="0">All users</option> | ||
| <option value="-1">Unassigned</option> | ||
| {% for u in users %} | ||
| <option value="{{ u.id }}">{{ u.username }}</option> | ||
| {% endfor %} | ||
| </select> | ||
| </div> | ||
| <div style="display: inline-block;"> | ||
| <input class="btn btn-primary" type="submit" value="Apply" /> | ||
| </div> | ||
| </div> | ||
| </div> | ||
| </form> | ||
| <br/><br/> | ||
| <div id="calendar"></div> | ||
| <br/><br/> |
There was a problem hiding this comment.
why is this changed/removed?
valentijnscholten
left a comment
valentijnscholten
left a comment
There was a problem hiding this comment.
Some comments and can you base the PR against the bugfix branch as per the PR instructions?
![accesslint[bot]](https://avatars.githubusercontent.com/in/1502?s=60&v=4){kind=small}
| <div class="container-fluid chosen-container side-by-side"> | ||
| <div class="row"> | ||
| <div style="display: inline-block;"> | ||
| <select data-placeholder="Calendar type" id="caltype" class="chosen-select"> |
There was a problem hiding this comment.
Looks like this element is missing an accessible name or label. That makes it hard for people using screen readers or voice control to use the control.
| </select> | ||
| </div> | ||
| <div style="display: inline-block;"> | ||
| <select data-placeholder="All users" multiple id="lead" name="lead" class="chosen-select"> |
There was a problem hiding this comment.
Looks like this element is missing an accessible name or label. That makes it hard for people using screen readers or voice control to use the control.
…JS/CSS, add accessible labels
|
Hi @valentijnscholten , I checked the remote repository and there is no bugfix branch, only master. Should I base the PR on master instead, or is there another branch I should use? |
|
This branch: https://github.com/DefectDojo/django-DefectDojo/tree/bugfix. In your local clone you should be able to do something like:
|
|
I checked the remote repository, but there doesn’t appear to be a bugfix branch .. |
|
How did you create your fork? Looks like it only has the |
|
But it looks like your vendoring the libraries? The goal is that any new packages must be installed via yarn. |
|
Hi @valentijnscholten , thanks for the feedback! I understand that instead of vendoring the libraries, I should install them via yarn. Should I update the PR to use yarn-managed FullCalendar, or is it okay to keep it vendored for this change? |
|
You need to make the PR in line with the existing codebase which has all dependencies in npm/yarn. |
|
Hello @Wanderer65, Do you need more gelp/guidance? |
|
Well,I am trying check if that is good?? Mayeb aftet that I might need help 😅 |
|
@valentijnscholten yeah please Guidance? |
|
@Wanderer65 At first glance it looked you wanted to add a new npm/yarn package
If it's in You could attempt to upgrade it and make it work, but I'm not sure if the calendar is that high on the list of priorities for the Defect Dojo team. You could run |
2 participants
This PR adds a visual highlight to weekends in the calendar view.
Saturdays and Sundays now have a light yellow background, making it easier for users to distinguish weekends at a glance.
calendar.htmlto includedayRenderlogic for weekend highlightingdayRendercallback for applying stylesNo changes to backend logic; purely frontend enhancement.