Highlight weekends in the calendar..(Highlight Saturdays and Sundays in the calendar) #13505
Conversation
🔴 Risk threshold exceeded.This pull request modifies a sensitive file (dojo/templates/dojo/calendar.html) and the scanner flagged multiple sensitive-codepath edits; review the changes and update
🔴 Configured Codepaths Edit in
|
| Vulnerability | Configured Codepaths Edit |
|---|---|
| Description | Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml. |
🔴 Configured Codepaths Edit in dojo/templates/dojo/calendar.html
| Vulnerability | Configured Codepaths Edit |
|---|---|
| Description | Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml. |
🔴 Configured Codepaths Edit in dojo/templates/dojo/calendar.html
| Vulnerability | Configured Codepaths Edit |
|---|---|
| Description | Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml. |
🔴 Configured Codepaths Edit in dojo/templates/dojo/calendar.html
| Vulnerability | Configured Codepaths Edit |
|---|---|
| Description | Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml. |
🔴 Configured Codepaths Edit in dojo/templates/dojo/calendar.html
| Vulnerability | Configured Codepaths Edit |
|---|---|
| Description | Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml. |
We've notified @mtesauro.
All finding details can be found in the DryRun Security Dashboard.
dojo/templates/dojo/calendar.html
Outdated
| {% block head_extra %} | ||
| {{ block.super }} | ||
| <!-- fullCalendar CSS from CDN --> | ||
| <link href="https://cdn.jsdelivr.net/npm/[email protected]/dist/fullcalendar.min.css" rel="stylesheet" /> |
There was a problem hiding this comment.
can you switch to locally bundled js libs please?
dojo/templates/dojo/calendar.html
Outdated
| <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script> | ||
| <script src="https://cdn.jsdelivr.net/npm/[email protected]/moment.min.js"></script> | ||
| <script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/fullcalendar.min.js"></script> | ||
|
|
There was a problem hiding this comment.
can you switch to locally bundled js libs please?
| right: 'month,basicWeek,basicDay' | ||
| }, | ||
| editable: false, | ||
| eventLimit: true, // allow "more" link when too many events |
There was a problem hiding this comment.
can you retain the comment please
| @@ -1,50 +1,33 @@ | |||
| {% extends 'base.html' %} | |||
There was a problem hiding this comment.
why is this changed/removed?
| {% load i18n %} | ||
|
|
||
| {% block content %} | ||
| {% block head_extra %} |
There was a problem hiding this comment.
why is this changed/removed?
| <form method="GET" id="calfilter" action="/calendar"> | ||
| <div class="container-fluid chosen-container side-by-side"> | ||
| <div class="row"> | ||
| <div style="display: inline-block;"> | ||
| <select data-placeholder="Calendar type" id="caltype" class="chosen-select"> | ||
| <option value="engagements">Engagements</option> | ||
| <option value="tests">Tests</option> | ||
| </select> | ||
| </div> | ||
| <div style="display: inline-block;"> | ||
| <select data-placeholder="All users" multiple id="lead" name="lead" class="chosen-select"> | ||
| <option value="0">All users</option> | ||
| <option value="-1">Unassigned</option> | ||
| {% for u in users %} | ||
| <option value="{{ u.id }}">{{ u.username }}</option> | ||
| {% endfor %} | ||
| </select> | ||
| </div> | ||
| <div style="display: inline-block;"> | ||
| <input class="btn btn-primary" type="submit" value="Apply" /> | ||
| </div> | ||
| </div> | ||
| </div> | ||
| </form> | ||
| <br/><br/> | ||
| <div id="calendar"></div> | ||
| <br/><br/> |
There was a problem hiding this comment.
why is this changed/removed?
![accesslint[bot]](https://avatars.githubusercontent.com/in/1502?s=60&v=4){kind=small}
| <div class="container-fluid chosen-container side-by-side"> | ||
| <div class="row"> | ||
| <div style="display: inline-block;"> | ||
| <select data-placeholder="Calendar type" id="caltype" class="chosen-select"> |
There was a problem hiding this comment.
Looks like this element is missing an accessible name or label. That makes it hard for people using screen readers or voice control to use the control.
| </select> | ||
| </div> | ||
| <div style="display: inline-block;"> | ||
| <select data-placeholder="All users" multiple id="lead" name="lead" class="chosen-select"> |
There was a problem hiding this comment.
Looks like this element is missing an accessible name or label. That makes it hard for people using screen readers or voice control to use the control.
…JS/CSS, add accessible labels
|
Hi @valentijnscholten , I checked the remote repository and there is no bugfix branch, only master. Should I base the PR on master instead, or is there another branch I should use? |
|
This branch: https://github.com/DefectDojo/django-DefectDojo/tree/bugfix. In your local clone you should be able to do something like:
|
|
I checked the remote repository, but there doesn’t appear to be a bugfix branch .. |
|
How did you create your fork? Looks like it only has the |
|
But it looks like your vendoring the libraries? The goal is that any new packages must be installed via yarn. |
|
Hi @valentijnscholten , thanks for the feedback! I understand that instead of vendoring the libraries, I should install them via yarn. Should I update the PR to use yarn-managed FullCalendar, or is it okay to keep it vendored for this change? |
|
You need to make the PR in line with the existing codebase which has all dependencies in npm/yarn. |
|
Hello @Wanderer65, Do you need more gelp/guidance? |
|
Well,I am trying check if that is good?? Mayeb aftet that I might need help 😅 |
2 participants
This PR adds a visual highlight to weekends in the calendar view.
Saturdays and Sundays now have a light yellow background, making it easier for users to distinguish weekends at a glance.
calendar.htmlto includedayRenderlogic for weekend highlightingdayRendercallback for applying stylesNo changes to backend logic; purely frontend enhancement.