Show unstable features warning on staging instance

docs/source/installation.rst

@@ -84,6 +84,10 @@ to run on a different port than 8000.
    are several steps that may be needed to secure such a deployment.
    Currently, this is not recommendend.
 
+.. tip::
+
+    Set ``STAGING`` to ``False`` in production to disable the staging environment warning.
+
 Execute a Command
 ^^^^^^^^^^^^^^^^^
 

vulnerabilities/templates/footer.html

@@ -1,9 +1,9 @@
 <footer class="footer">
     <div class="content has-text-centered">
         <p>
-            <strong>VulnerableCode</strong> is free software by <a href="https://github.com/nexB/vulnerablecode"> nexB Inc. and others</a> |
-            Source code license: <a href="https://github.com/nexB/vulnerablecode/blob/main/apache-2.0.LICENSE">Apache-2.0</a> |
-            Data license: <a href="https://github.com/nexB/vulnerablecode/blob/main/cc-by-sa-4.0.LICENSE">CC-BY-SA-4.0</a> | <a href="/tos">Terms of Service</a>
+            <strong>VulnerableCode</strong> is free software by <a href="https://github.com/aboutcode-org/vulnerablecode"> nexB Inc. and others</a> |
+            Source code license: <a href="https://github.com/aboutcode-org/vulnerablecode/blob/main/apache-2.0.LICENSE">Apache-2.0</a> |
+            Data license: <a href="https://github.com/aboutcode-org/vulnerablecode/blob/main/cc-by-sa-4.0.LICENSE">CC-BY-SA-4.0</a> | <a href="/tos">Terms of Service</a>
         </p>
     </div>
 </footer>

vulnerabilities/templates/navbar.html

@@ -1,6 +1,18 @@
 {% load utils %}
 
-<nav class="navbar is-dark mb-5 border-bottom-radius" role="navigation" aria-label="main navigation">
+
+{% if STAGING %}
+<div class="notification is-danger has-text-centered is-fixed-top my-0" style="border-radius: 0;">
+    <span class="icon">
+        <i class="fa fa-exclamation-triangle"></i>
+    </span>
+    <strong> Staging Environment:</strong>
+    Content and features may be unstable or change without notice.
+</div>
+{% endif %}
+
+<nav class="navbar is-dark mb-5 border-bottom-radius" role="navigation" aria-label="main navigation"
+    style="border-radius: 0;">
     <div class="navbar-brand ml-3">
         <a class="navbar-item is-size-4 has-text-weight-bold {% active_item 'home' %}" href="{% url 'home' %}">
             VulnerableCode<span class="nexb-orange">.</span>io
@@ -29,26 +41,27 @@
         <div class="navbar-item navbar-item is-cursor-help">
             <div class="dropdown is-right is-hoverable ">
                 <div class="dropdown-trigger has-text-grey-light">About</div>
-                    <div class="dropdown-menu navbar-hover-div" role="menu">
+                <div class="dropdown-menu navbar-hover-div" role="menu">
                     <div class="dropdown-content">
                         <div class="dropdown-item about-hover-div">
 
                             VulnerableCode is a free and open database of software package vulnerabilities.
                             <ul>
                                 <li>
                                     Live chat at <a href="https://gitter.im/aboutcode-org/vulnerablecode">
-                                    https://gitter.im/aboutcode-org/vulnerablecode</a>
+                                        https://gitter.im/aboutcode-org/vulnerablecode</a>
                                 </li>
                                 <li>
-                                    Source code and support at <a href="https://github.com/nexB/vulnerablecode">https://github.com/nexB/vulnerablecode</a>
+                                    Source code and support at <a
+                                        href="https://github.com/nexB/vulnerablecode">https://github.com/nexB/vulnerablecode</a>
                                 </li>
                                 <li>
-                                    Docs at <a href=https://vulnerablecode.readthedocs.org/>
+                                    Docs at <a href=https://vulnerablecode.readthedocs.org />
                                     https://vulnerablecode.readthedocs.org/</a>
                                 </li>
                                 <li>
                                     Sponsored by NLnet <a href="https://nlnet.nl/project/vulnerabilitydatabase/">
-                                    https://nlnet.nl/project/vulnerabilitydatabase/</a> for
+                                        https://nlnet.nl/project/vulnerabilitydatabase/</a> for
                                     <a href="https://www.aboutcode.org/">https://www.aboutcode.org/</a>
                                 </li>
                             </ul>
@@ -59,7 +72,7 @@
         </div>
         <div class="navbar-item navbar-item is-cursor-help">
             <div class="dropdown-trigger has-text-grey-light">
-            v{{ VULNERABLECODE_VERSION }}
+                v{{ VULNERABLECODE_VERSION }}
             </div>
         </div>
     </div>

vulnerablecode/context_processors.py

@@ -7,10 +7,16 @@
 # See https://aboutcode.org for more information about nexB OSS projects.
 #
 
+from django.conf import settings
+
 from vulnerablecode import __version__ as vulnerablecode_version
 
 
 def versions(request):
     return {
         "VULNERABLECODE_VERSION": vulnerablecode_version,
     }
+
+
+def staging(request):
+    return {"STAGING": getattr(settings, "STAGING")}

vulnerablecode/settings.py

@@ -51,6 +51,9 @@
 # SECURITY WARNING: do not  run with debug turned on in production
 DEBUG_UI = env.bool("VULNERABLECODE_DEBUG_UI", default=False)
 
+# WARNING: Set this to False in production
+STAGING = env.bool("STAGING", default=True)
+
 EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend"
 EMAIL_HOST = env.str("EMAIL_HOST", default="")
 EMAIL_USE_TLS = True
@@ -139,6 +142,7 @@
                 "django.template.context_processors.request",
                 "django.template.context_processors.static",
                 "vulnerablecode.context_processors.versions",
+                "vulnerablecode.context_processors.staging",
             ],
         },
     },