{"id":28758959,"url":"https://github.com/bdr-pro/djangobestpractice","last_synced_at":"2026-04-17T15:01:48.338Z","repository":{"id":297638826,"uuid":"997438648","full_name":"BDR-Pro/DjangoBestPractice","owner":"BDR-Pro","description":"CLI tool to audit Django projects for security, performance, and code quality with scoring out of 100.","archived":false,"fork":false,"pushed_at":"2025-06-06T14:29:06.000Z","size":87,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-06-17T05:01:50.844Z","etag":null,"topics":["cyber","cybersecurity","django","python","security","web"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/BDR-Pro.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-06-06T14:25:25.000Z","updated_at":"2025-06-06T14:29:09.000Z","dependencies_parsed_at":"2025-06-06T15:42:42.833Z","dependency_job_id":null,"html_url":"https://github.com/BDR-Pro/DjangoBestPractice","commit_stats":null,"previous_names":["bdr-pro/djangobestpractice"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/BDR-Pro/DjangoBestPractice","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BDR-Pro%2FDjangoBestPractice","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BDR-Pro%2FDjangoBestPractice/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BDR-Pro%2FDjangoBestPractice/releases","manifests_url":"https://repo
s.ecosyste.ms/api/v1/hosts/GitHub/repositories/BDR-Pro%2FDjangoBestPractice/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/BDR-Pro","download_url":"https://codeload.github.com/BDR-Pro/DjangoBestPractice/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BDR-Pro%2FDjangoBestPractice/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":265934245,"owners_count":23852092,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cyber","cybersecurity","django","python","security","web"],"created_at":"2025-06-17T05:00:48.340Z","updated_at":"2026-04-17T15:01:43.309Z","avatar_url":"https://github.com/BDR-Pro.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# 🛡️ DjangoBestPractice\n\nA CLI-powered auditing tool to score your Django project out of 100 based on security, performance, and code hygiene best practices.\n\n---\n\n## 🚀 Features\n\n- ✅ Static analysis of `settings.py`, models, views, templates\n- 🔐 Security checks: `DEBUG=True`, missing secure headers, hardcoded secrets, Bandit integration\n- ⚡ Performance checks: missing DB indexes, large static files, uncompressed media\n- 🧼 Code hygiene: tests, README, requirements checks\n- 🧪 Model field validation (`null=True`, `__str__`, `unique_together`)\n- 📊 Output: Markdown, SARIF, JSON, colorful Rich terminal\n- 🔧 `--autofix` to fix insecure settings automatically\n- 📁 Custom per-project config: `.dbp.yaml`\n\n---\n\n## 🧰 Installation\n\n```bash\ngit clone 
https://github.com/bdr-pro/DjangoBestPractice.git\ncd DjangoBestPractice\npip install -r requirements.txt\n```\n\n---\n\n## 🧪 Usage\n\nRun from your Django project root (where `manage.py` lives):\n\n```bash\npython -m DjangoBestPractice manage.py\n```\n\nOr directly:\n\n```bash\npython cli.py\n```\n\n### 🔍 Optional Flags\n\n| Flag         | Description                                                   |\n| ------------ | ------------------------------------------------------------- |\n| `--autofix`  | Automatically fix `DEBUG`, secure cookies, etc.               |\n| `--bandit`   | Run [Bandit](https://github.com/PyCQA/bandit) static analysis |\n| `--markdown` | Export results to `.django_audit/report.md`                   |\n| `--json`     | Export issues to `.django_audit/problems.json`                |\n| `--sarif`    | Export SARIF for GitHub Security tab                          |\n\n---\n\n## ⚙️ Configuration\n\nCustomize your checks via `.dbp.yaml` (auto-generated on first run):\n\n```yaml\nchecks:\n  debug: true\n  cookie_secure: true\n  cors: true\n  secure_headers: true\n  tests: true\n  model_indexes: true\n  hardcoded_secrets: true\n  template_safe: true\n```\n\n---\n\n## 🔒 Security Highlights\n\n- Detects insecure headers, CSRF holes, hardcoded keys\n- Validates `CORS`, `HSTS`, and secure cookies\n- Integrates Bandit for deep code inspection\n- Flags `eval()`, `exec()`, insecure forms\n\n---\n\n## 📦 Exports\n\nReports are saved in `.django_audit/`:\n\n- `report.md`\n- `report.sarif`\n- `problems.json`\n- `bandit.json`\n\n---\n\n## 📈 Scoring System\n\n| Severity | Score Deduction |\n| -------- | --------------- |\n| High     | -10 to -5       |\n| Medium   | -4 to -2        |\n| Low      | -1              |\n\n---\n![alt text](image.png)\n\n## 🧠 Coming Soon\n\n- Interactive autofix prompts\n- GitHub Actions workflow support\n- CI pipeline mode\n- Code coverage integration\n\n---\n\n## 🤝 Contributing\n\nPRs, issues, and ideas are welcome! 
Let’s make Django apps safer and cleaner, together.\n\n---\n\n## 🐍 License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbdr-pro%2Fdjangobestpractice","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbdr-pro%2Fdjangobestpractice","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbdr-pro%2Fdjangobestpractice/lists"}