From c0b8485b069d41a4221771da9d911f6e025d173b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 15 Dec 2021 15:22:33 +0000
Subject: [PATCH 1/6] Bump djangorestframework from 3.12.4 to 3.13.1

Bumps [djangorestframework](https://github.com/encode/django-rest-framework) from 3.12.4 to 3.13.1.
- [Release notes](https://github.com/encode/django-rest-framework/releases)
- [Commits](https://github.com/encode/django-rest-framework/compare/3.12.4...3.13.1)

---
updated-dependencies:
- dependency-name: djangorestframework
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index bdb3ad7..1b77afd 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -11,7 +11,7 @@ django-background-tasks==1.2.5
 django-compat==1.0.15
 django-cors-headers==3.10.1
 django-db-logger==0.1.11
-djangorestframework==3.12.4
+djangorestframework==3.13.1
 google-auth==2.3.3
 gunicorn==20.1.0
 idna==3.3

From 7d6a4bcd13b3f8db57eaeaeb9367ee7518b65869 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 10 Feb 2022 15:21:56 +0000
Subject: [PATCH 2/6] Bump django from 3.2.10 to 3.2.12

Bumps [django](https://github.com/django/django) from 3.2.10 to 3.2.12.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.10...3.2.12)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index fc2002f..8a1e439 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -6,7 +6,7 @@ chardet==4.0.0
 charset-normalizer==2.0.9
 colorama==0.4.4
 dj-database-url==0.5.0
-Django==3.2.10
+Django==3.2.12
 django-background-tasks==1.2.5
 django-compat==1.0.15
 django-cors-headers==3.10.1

From 2ede1364b8b25139865d3b852714d8a8f8f9b3f1 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 14 Mar 2022 15:27:41 +0000
Subject: [PATCH 3/6] Bump importlib-metadata from 4.8.2 to 4.11.3

Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 4.8.2 to 4.11.3.
- [Release notes](https://github.com/python/importlib_metadata/releases)
- [Changelog](https://github.com/python/importlib_metadata/blob/main/CHANGES.rst)
- [Commits](https://github.com/python/importlib_metadata/compare/v4.8.2...v4.11.3)

---
updated-dependencies:
- dependency-name: importlib-metadata
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index fc2002f..d95cf88 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -15,7 +15,7 @@ djangorestframework==3.12.4
 google-auth==2.3.3
 gunicorn==20.1.0
 idna==3.3
-importlib-metadata==4.8.2
+importlib-metadata==4.11.3
 isort==5.10.1
 jsonfield==3.1.0
 lazy-object-proxy==1.6.0

From 90b2a5681938e8f2bb702146347de0780492db96 Mon Sep 17 00:00:00 2001
From: karthikmv <karthik.murakonda14@gmail.com>
Date: Sat, 9 Apr 2022 22:12:34 +0530
Subject: [PATCH 4/6] Revert "added recaptcha verification"

This reverts commit 7d8fe03b1acafaa86e15389788bf63ccfea89f0b.
---
 CDC_Backend/APIs/companyViews.py    |  5 ++---
 CDC_Backend/APIs/constants.py       |  1 -
 CDC_Backend/APIs/utils.py           | 16 ----------------
 CDC_Backend/CDC_Backend/settings.py |  2 --
 dev.env                             |  1 -
 5 files changed, 2 insertions(+), 23 deletions(-)

diff --git a/CDC_Backend/APIs/companyViews.py b/CDC_Backend/APIs/companyViews.py
index c03f695..b133b81 100644
--- a/CDC_Backend/APIs/companyViews.py
+++ b/CDC_Backend/APIs/companyViews.py
@@ -16,15 +16,14 @@ logger = logging.getLogger('db')
            IS_COMPENSATION_DETAILS_PDF,
            ALLOWED_BRANCH, SELECTION_PROCEDURE_ROUNDS, SELECTION_PROCEDURE_DETAILS, IS_SELECTION_PROCEDURE_DETAILS_PDF,
            TENTATIVE_DATE_OF_JOINING,
-           TENTATIVE_NO_OF_OFFERS, OTHER_REQUIREMENTS, RECAPTCHA_VALUE 
+           TENTATIVE_NO_OF_OFFERS, OTHER_REQUIREMENTS
            ])
 def addPlacement(request):
     try:
         data = request.data
         files = request.FILES
         opening = Placement()
-        if not verify_recaptcha(data[RECAPTCHA_VALUE]):
-            raise Exception("Recaptcha Failed")
+
         opening.id = generateRandomString()
         # Add a company details in the opening
         opening.company_name = data[COMPANY_NAME]
diff --git a/CDC_Backend/APIs/constants.py b/CDC_Backend/APIs/constants.py
index 0fca0ae..af96560 100644
--- a/CDC_Backend/APIs/constants.py
+++ b/CDC_Backend/APIs/constants.py
@@ -117,7 +117,6 @@ OTHER_REQUIREMENTS = 'other_requirements'
 DEADLINE_DATETIME = 'deadline_datetime'
 OFFER_ACCEPTED = 'offer_accepted'
 EMAIL_VERIFIED = 'email_verified'
-RECAPTCHA_VALUE = 'recaptchakey'
 
 STUDENT_LIST = "student_list"
 STUDENT_ID = "student_id"
diff --git a/CDC_Backend/APIs/utils.py b/CDC_Backend/APIs/utils.py
index fc17705..d00e35c 100644
--- a/CDC_Backend/APIs/utils.py
+++ b/CDC_Backend/APIs/utils.py
@@ -19,7 +19,6 @@ from google.auth.transport import requests
 from google.oauth2 import id_token
 from rest_framework import status
 from rest_framework.response import Response
-import requests as rq
 
 from .constants import *
 from .models import User, PrePlacementOffer, PlacementApplication
@@ -234,18 +233,3 @@ def generateOneTimeVerificationLink(email, opening_id, opening_type):
         print(sys.exc_info())
         logger.warning("Utils - generateOneTimeVerificationLink: " + str(sys.exc_info()))
         return False, "_"
-
-def verify_recaptcha(request):
-    try:
-        data = {
-            'secret': settings.RECAPTCHA_SECRET_KEY,
-            'response': request
-        }
-        r = rq.post('https://www.google.com/recaptcha/api/siteverify', data=data)
-        result = r.json()
-        # logger.info("Recaptcha Response: " + str(result)+"request: "+str(data))
-        return result['success']
-    except:
-        print(sys.exc_info())
-        logger.warning("Utils - verify_recaptcha: " + str(sys.exc_info()))
-        return False, "_"
\ No newline at end of file
diff --git a/CDC_Backend/CDC_Backend/settings.py b/CDC_Backend/CDC_Backend/settings.py
index c96c4d8..d524b5b 100644
--- a/CDC_Backend/CDC_Backend/settings.py
+++ b/CDC_Backend/CDC_Backend/settings.py
@@ -161,8 +161,6 @@ EMAIL_PORT = 587
 EMAIL_HOST_USER = os.environ.get("EMAIL")  # 'email here'
 EMAIL_HOST_PASSWORD = os.environ.get("EMAIL_PASSWORD")  # 'password here'
 
-RECAPTCHA_SECRET_KEY = os.environ.get("RECAPTCHA_SECRET_KEY")
-
 LOGGING = {
     'version': 1,
     'disable_existing_loggers': False,
diff --git a/dev.env b/dev.env
index 4c6d245..cfebb89 100644
--- a/dev.env
+++ b/dev.env
@@ -9,4 +9,3 @@ DB_USER=postgres
 DB_PASSWORD=root
 DB_HOST=localhost
 DB_PORT=5432
-RECAPTCHA_SECRET_KEY=6LdXXj4fAAAAADRZvwwsznKPEI-StyN6s_4glHLj

From 5450273a670dc1900511877c52b8a1c7008039d0 Mon Sep 17 00:00:00 2001
From: karthik mv <karthik.murakonda14@gmail.com>
Date: Sun, 10 Apr 2022 23:12:02 +0530
Subject: [PATCH 5/6] added recaptcha verification (#79)

---
 CDC_Backend/APIs/companyViews.py    |  5 +++--
 CDC_Backend/APIs/constants.py       |  1 +
 CDC_Backend/APIs/utils.py           | 16 ++++++++++++++++
 CDC_Backend/CDC_Backend/settings.py |  2 ++
 dev.env                             |  1 +
 5 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/CDC_Backend/APIs/companyViews.py b/CDC_Backend/APIs/companyViews.py
index b133b81..c03f695 100644
--- a/CDC_Backend/APIs/companyViews.py
+++ b/CDC_Backend/APIs/companyViews.py
@@ -16,14 +16,15 @@ logger = logging.getLogger('db')
            IS_COMPENSATION_DETAILS_PDF,
            ALLOWED_BRANCH, SELECTION_PROCEDURE_ROUNDS, SELECTION_PROCEDURE_DETAILS, IS_SELECTION_PROCEDURE_DETAILS_PDF,
            TENTATIVE_DATE_OF_JOINING,
-           TENTATIVE_NO_OF_OFFERS, OTHER_REQUIREMENTS
+           TENTATIVE_NO_OF_OFFERS, OTHER_REQUIREMENTS, RECAPTCHA_VALUE 
            ])
 def addPlacement(request):
     try:
         data = request.data
         files = request.FILES
         opening = Placement()
-
+        if not verify_recaptcha(data[RECAPTCHA_VALUE]):
+            raise Exception("Recaptcha Failed")
         opening.id = generateRandomString()
         # Add a company details in the opening
         opening.company_name = data[COMPANY_NAME]
diff --git a/CDC_Backend/APIs/constants.py b/CDC_Backend/APIs/constants.py
index af96560..0fca0ae 100644
--- a/CDC_Backend/APIs/constants.py
+++ b/CDC_Backend/APIs/constants.py
@@ -117,6 +117,7 @@ OTHER_REQUIREMENTS = 'other_requirements'
 DEADLINE_DATETIME = 'deadline_datetime'
 OFFER_ACCEPTED = 'offer_accepted'
 EMAIL_VERIFIED = 'email_verified'
+RECAPTCHA_VALUE = 'recaptchakey'
 
 STUDENT_LIST = "student_list"
 STUDENT_ID = "student_id"
diff --git a/CDC_Backend/APIs/utils.py b/CDC_Backend/APIs/utils.py
index d00e35c..fc17705 100644
--- a/CDC_Backend/APIs/utils.py
+++ b/CDC_Backend/APIs/utils.py
@@ -19,6 +19,7 @@ from google.auth.transport import requests
 from google.oauth2 import id_token
 from rest_framework import status
 from rest_framework.response import Response
+import requests as rq
 
 from .constants import *
 from .models import User, PrePlacementOffer, PlacementApplication
@@ -233,3 +234,18 @@ def generateOneTimeVerificationLink(email, opening_id, opening_type):
         print(sys.exc_info())
         logger.warning("Utils - generateOneTimeVerificationLink: " + str(sys.exc_info()))
         return False, "_"
+
+def verify_recaptcha(request):
+    try:
+        data = {
+            'secret': settings.RECAPTCHA_SECRET_KEY,
+            'response': request
+        }
+        r = rq.post('https://www.google.com/recaptcha/api/siteverify', data=data)
+        result = r.json()
+        # logger.info("Recaptcha Response: " + str(result)+"request: "+str(data))
+        return result['success']
+    except:
+        print(sys.exc_info())
+        logger.warning("Utils - verify_recaptcha: " + str(sys.exc_info()))
+        return False, "_"
\ No newline at end of file
diff --git a/CDC_Backend/CDC_Backend/settings.py b/CDC_Backend/CDC_Backend/settings.py
index d524b5b..c96c4d8 100644
--- a/CDC_Backend/CDC_Backend/settings.py
+++ b/CDC_Backend/CDC_Backend/settings.py
@@ -161,6 +161,8 @@ EMAIL_PORT = 587
 EMAIL_HOST_USER = os.environ.get("EMAIL")  # 'email here'
 EMAIL_HOST_PASSWORD = os.environ.get("EMAIL_PASSWORD")  # 'password here'
 
+RECAPTCHA_SECRET_KEY = os.environ.get("RECAPTCHA_SECRET_KEY")
+
 LOGGING = {
     'version': 1,
     'disable_existing_loggers': False,
diff --git a/dev.env b/dev.env
index cfebb89..4c6d245 100644
--- a/dev.env
+++ b/dev.env
@@ -9,3 +9,4 @@ DB_USER=postgres
 DB_PASSWORD=root
 DB_HOST=localhost
 DB_PORT=5432
+RECAPTCHA_SECRET_KEY=6LdXXj4fAAAAADRZvwwsznKPEI-StyN6s_4glHLj

From afe055313a6c86b9cd6bfc38f24543336fa9c25d Mon Sep 17 00:00:00 2001
From: Gowtham Sai <66207607+gowtham3105@users.noreply.github.com>
Date: Sun, 10 Apr 2022 23:13:21 +0530
Subject: [PATCH 6/6] Delete codeql-analysis.yml

---
 .github/workflows/codeql-analysis.yml | 71 ---------------------------
 1 file changed, 71 deletions(-)
 delete mode 100644 .github/workflows/codeql-analysis.yml

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
deleted file mode 100644
index 9f38583..0000000
--- a/.github/workflows/codeql-analysis.yml
+++ /dev/null
@@ -1,71 +0,0 @@
-# For most projects, this workflow file will not need changing; you simply need
-# to commit it to your repository.
-#
-# You may wish to alter this file to override the set of languages analyzed,
-# or to provide custom queries or build logic.
-#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-#
-name: "CodeQL"
-
-on:
-  push:
-    branches: [ main ]
-  pull_request:
-    # The branches below must be a subset of the branches above
-    branches: [ main ]
-  schedule:
-    - cron: '29 15 * * 1'
-
-jobs:
-  analyze:
-    name: Analyze
-    runs-on: ubuntu-latest
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [ 'python' ]
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
-        # Learn more:
-        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-        # queries: ./path/to/local/query, your-org/your-repo/queries@main
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
-
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
-
-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
-
-    #- run: |
-    #   make bootstrap
-    #   make release
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1