website/TODO.md

29 lines
1.2 KiB
Markdown

# To-do
* rate limiting to prevent abuse - especially on POST requests
* consider removing `events` and `worldmap` modules
* ask Denver about why so many license files
# Done
* ensure appropriate caching headers are used
* remove `internalNavigate`
* add tests for main pages returning 200
* move `SITE_FUNDGOAL` configuration to `settings.py`
* move `sponsors.py` and `sponsors.html` into `supporters` app
* use `<detail>` elements for supporter page hidden sections, rather than
complex jQuery
* remove jQuery
* split the template/content files out from `conservancy/static` into their own
`content` directory (avoid mixing static and non-static content)
* remove `ForceCanonicalHostnameMiddleware` by ensuring canonical redirect and
HTTPS redirect is done by Apache
* standardise settings to replace `settings.py` and `djangocommonsettings.py`
with `settings/prod.py` and move `SECRET_KEY` to an environment variable
* migrate to Django 4.2 LTS
* review `apache2` directory - may be unused
* add deployment script that runs migrations and collects static files
* switch `ParameterValidator` to use `SECRET_KEY` if possible to minimize
non-standard settings
* install staticfiles app