summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStorm B. Heg <storm@stormbase.digital>2025-05-01 14:42:06 +0200
committerSaptak Sengupta <saptak013@gmail.com>2026-02-19 22:35:40 +0530
commit62dc69f2b719f831244ff965c28daa3c9441aa11 (patch)
treeed13ca0e75e73cdac13009ecfb572e8fbef5a8db
parent297edb86e256e5dd215207a3adb1c1910364ab45 (diff)
Add test to check security.txt expiration
-rw-r--r--djangoproject/tests.py38
1 files changed, 38 insertions, 0 deletions
diff --git a/djangoproject/tests.py b/djangoproject/tests.py
index 2c674321..cce5be68 100644
--- a/djangoproject/tests.py
+++ b/djangoproject/tests.py
@@ -1,3 +1,4 @@
+from datetime import datetime, timedelta
from http import HTTPStatus
from io import StringIO
@@ -211,3 +212,40 @@ class Header1Tests(ReleaseMixin, TestCase):
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
self.assertContains(response, "<h1", count=1)
+
+
+class SecurityTxtFileTests(TestCase):
+ """
+ Tests for the security.txt file.
+ """
+
+ def test_security_txt_not_expired(self):
+ """
+ The security.txt file should not be expired.
+ """
+ FILE_PATH = settings.BASE_DIR / ".well-known" / "security.txt"
+ with open(FILE_PATH) as f:
+ content = f.read()
+ # Read the line that starts with "Expires:", and parse the date.
+ for line in content.splitlines():
+ if line.startswith("Expires:"):
+ expires = line.strip("Expires: ")
+ break
+ else:
+ self.fail("No Expires line found in security.txt")
+
+ expires_date = datetime.strptime(
+ expires,
+ "%Y-%m-%dT%H:%M:%S.%fZ",
+ ).date()
+ # We should ideally be two weeks early with updating - active over reactive
+ cutoff = (datetime.now() - timedelta(days=15)).date()
+ self.assertGreater(
+ expires_date,
+ cutoff,
+ "The security.txt file is close to expiring. \
+Please update the 'Expires' line in to confirm the contents are \
+still accurate: {}".format(
+ FILE_PATH
+ ),
+ )