218 commits
6266610
fix(parsers): use unsaved_tags instead of tags= in Finding constructo…
valentijnscholten Apr 1, 2026
0f7c99a
fix: resolve ruff D203 and COM812 lint errors from formatter conflict
valentijnscholten Apr 1, 2026
ca68a95
fix: update tests to check unsaved_tags instead of tags
valentijnscholten Apr 1, 2026
69a25ab
Add Endpoint capability to Wazuh 4.8 exporter
Apr 2, 2026
4f9ba0e
fix: correct unsaved_tags assertions to expect lists and fix tag orde…
valentijnscholten Apr 5, 2026
02e657a
Merge branch 'bugfix' into fix/parser-tags-performance
valentijnscholten Apr 6, 2026
667c0e6
refactor: revert ruff formatting changes, keep only unsaved_tags logic
valentijnscholten Apr 6, 2026
d80353b
Update versions in application files
Apr 6, 2026
18b76ca
Merge pull request #14646 from DefectDojo/master-into-bugfix/2.57.0-2…
rossops Apr 6, 2026
7424cc0
update SAML for cloud vs on-prem
paulOsinski Apr 7, 2026
5e8b695
add guidance on enabling hierarchy feature for cloud customers
paulOsinski Apr 7, 2026
e239ba0
add best practices for API import, pagination, async deletion
paulOsinski Apr 7, 2026
4499ba7
add jira service account note
paulOsinski Apr 7, 2026
040e988
add beta notice, links to integrators docs
paulOsinski Apr 7, 2026
ce43605
update sonarqube docs
paulOsinski Apr 7, 2026
1d79125
watson middleware: handle SuspiciousOperationException (#14650)
valentijnscholten Apr 8, 2026
aa6dcb9
update changelog
paulOsinski Apr 8, 2026
8028289
Merge branch 'bugfix' into april-docs
paulOsinski Apr 8, 2026
5c47b14
add unit test
paulOsinski Apr 8, 2026
21aab02
replace <pre> wrappers and update CSS on reports
paulOsinski Apr 8, 2026
70d785c
:bug: fix govulncheck ndjson output #14642
manuel-sommer Apr 9, 2026
79f744e
:tada: add CNNVD to vulnid
manuel-sommer Apr 9, 2026
be30d1f
Merge branch 'bugfix' into fix/parser-tags-performance
valentijnscholten Apr 9, 2026
d89ee43
Update versions in application files
Apr 6, 2026
9349a44
chore(deps): bump ruff from 0.15.8 to 0.15.9
manuel-sommer Apr 8, 2026
2827ad9
update
manuel-sommer Apr 9, 2026
73e5f83
store more parameters in import settings
valentijnscholten Apr 9, 2026
fcfadce
chore(deps): bump lodash from 4.17.23 to 4.18.1 in /docs (#14648)
dependabot[bot] Apr 11, 2026
ae6c5dd
chore(deps-dev): bump vite from 7.3.1 to 7.3.2 in /docs (#14651)
dependabot[bot] Apr 11, 2026
acec7cf
chore(deps): bump cryptography from 46.0.6 to 46.0.7 (#14660)
dependabot[bot] Apr 11, 2026
3d96fd0
Merge branch 'bugfix' into upgrade_ruff_0159
Maffooch Apr 11, 2026
e200b5a
chore(deps): bump django from 5.2.12 to 5.2.13 (#14664)
dependabot[bot] Apr 11, 2026
772ecae
[docs] Improve Snyk parser documentation with export instructions and…
balaakasam Apr 12, 2026
30d0303
Merge pull request #14663 from manuel-sommer/upgrade_ruff_0159
rossops Apr 13, 2026
838cbc3
Merge pull request #14665 from paulOsinski/april-docs
rossops Apr 13, 2026
e891946
Merge pull request #14671 from manuel-sommer/fix_14642
rossops Apr 13, 2026
701d5cd
Merge pull request #14672 from manuel-sommer/vulnid_cnnvd
rossops Apr 13, 2026
fdcdc34
update invicti parser to use FirstSeenDate (#14610)
paulOsinski Apr 13, 2026
3262640
Merge pull request #14626 from valentijnscholten/fix/parser-tags-perf…
rossops Apr 13, 2026
d4ed665
Merge pull request #14629 from DeWaRs1206/fix_wazuh48_exporter
rossops Apr 13, 2026
944faa7
Merge pull request #14673 from valentijnscholten/feat/import_settings…
rossops Apr 13, 2026
377d6d0
Update versions in application files
Apr 13, 2026
2f25c45
Merge pull request #14677 from DefectDojo/release/2.57.1
rossops Apr 13, 2026
7154e5c
Update versions in application files
Apr 13, 2026
5f13e4d
Update versions in application files
Apr 13, 2026
591f1f7
Merge branch 'dev' into master-into-dev/2.57.1-2.58.0-dev
Maffooch Apr 13, 2026
9f92409
Merge pull request #14679 from DefectDojo/master-into-bugfix/2.57.1-2…
rossops Apr 13, 2026
5a72b4e
Merge pull request #14678 from DefectDojo/master-into-dev/2.57.1-2.58…
rossops Apr 13, 2026
750672f
Merge branch 'dev' into docs/improve-snyk-documentation
Maffooch Apr 14, 2026
df916fd
Update dependency renovatebot/renovate from 43.110.14 to v43.112.1 (.…
renovate[bot] Apr 14, 2026
2b24200
Merge branch 'bugfix' into report-css-fix
Maffooch Apr 14, 2026
8a2100e
chore(deps): bump pillow from 12.1.1 to 12.2.0 (#14680)
dependabot[bot] Apr 15, 2026
0cbc2dc
Update python:3.13.13-alpine3.22 Docker digest from 3.13.13 to v (Doc…
renovate[bot] Apr 15, 2026
9877afe
Update python:3.13.13-slim-trixie Docker digest from 3.13.13 to v (Do…
renovate[bot] Apr 15, 2026
3563810
Update actions/cache action from v5.0.4 to v5.0.5 (.github/workflows/…
renovate[bot] Apr 15, 2026
7faee81
Update actions/upload-artifact action from v7.0.0 to v7.0.1 (.github/…
renovate[bot] Apr 15, 2026
c11447c
chore(deps): bump drf-spectacular-sidecar from 2026.4.1 to 2026.4.14 …
dependabot[bot] Apr 15, 2026
5ca9e64
chore(deps): bump pygithub from 2.9.0 to 2.9.1 (#14689)
dependabot[bot] Apr 15, 2026
46295df
chore(deps): bump ruff from 0.15.9 to 0.15.10 (#14690)
dependabot[bot] Apr 15, 2026
c26028d
Update peter-evans/create-pull-request action from v8.1.0 to v8.1.1 (…
renovate[bot] Apr 15, 2026
b284c49
Update softprops/action-gh-release action from v2.6.1 to v2.6.2 (.git…
renovate[bot] Apr 15, 2026
1d43d4d
chore(deps): bump django-dbbackup from 5.2.0 to 5.3.0 (#14694)
dependabot[bot] Apr 15, 2026
df387b7
Update docker/build-push-action action from v7.0.0 to v7.1.0 (.github…
renovate[bot] Apr 15, 2026
8b05e4c
Update valkey Docker tag from 0.18.0 to v0.19.0 (helm/defectdojo/Char…
renovate[bot] Apr 15, 2026
91d83e4
chore(deps): bump lxml from 6.0.2 to 6.0.4 (#14692)
dependabot[bot] Apr 16, 2026
76d8ed8
:tada: add mozilla foundation sec advice to vulnid
manuel-sommer Apr 16, 2026
aec3fef
Added ssrf utils file to check urls and applied it to risk recon pars…
Jino-T Apr 16, 2026
7f54671
Use RBAC for accept_risks API endpoints (#14632)
Jino-T Apr 16, 2026
eea3e47
Change to reactivating risk accepted findings (#14633)
Jino-T Apr 16, 2026
9d661d7
Add permission checks for moving engagements between products (#14634)
Jino-T Apr 16, 2026
4df60d0
Add CLAUDE.md with module reorganization playbook
Maffooch Apr 17, 2026
56c84a7
Update CLAUDE.md
Maffooch Apr 17, 2026
c1b2526
:tada: add fix_available and fix_version to govulncheck (#14681)
manuel-sommer Apr 17, 2026
4a0abbd
fix: clean up template rendering for endpoint user fields (#14682)
Maffooch Apr 17, 2026
1812598
Update release-drafter/release-drafter action from v7.1.1 to v7.2.0 (…
renovate[bot] Apr 17, 2026
e9d187b
Update actions/github-script action from v8.0.0 to v9 (.github/workfl…
renovate[bot] Apr 17, 2026
45d9d95
Update softprops/action-gh-release action from v2.6.2 to v3 (.github/…
renovate[bot] Apr 17, 2026
4decd88
Validate consistency between ID-based and name-based identifiers in i…
Jino-T Apr 17, 2026
1fa86bc
Update mccutchen/go-httpbin Docker tag from 2.21.0 to v2.22.1 (docker…
renovate[bot] Apr 17, 2026
c51d018
tests: read raw template string
paulOsinski Apr 17, 2026
1cffc13
Merge branch 'report-css-fix' of https://github.com/paulOsinski/djang…
paulOsinski Apr 17, 2026
6b26aae
implement versioned_fixtures in test
paulOsinski Apr 17, 2026
8675647
Merge branch 'bugfix' into report-css-fix
paulOsinski Apr 17, 2026
acaa26f
Merge branch 'dev' into docs/improve-snyk-documentation
balaakasam Apr 19, 2026
a61ceeb
Merge pull request #14703 from manuel-sommer/mozilla_vulnid
rossops Apr 20, 2026
9e935c4
Merge pull request #14705 from Maffooch/chore/module-reorganization-p…
rossops Apr 20, 2026
412570f
Merge pull request #14666 from paulOsinski/report-css-fix
rossops Apr 20, 2026
43b2238
Add centralized banner system with OS messaging support (#14708)
Maffooch Apr 20, 2026
5cbf87b
Update versions in application files
Apr 20, 2026
3adf4cd
Merge pull request #14711 from DefectDojo/release/2.57.2
rossops Apr 20, 2026
7a00fbe
Update versions in application files
Apr 20, 2026
fe3622a
Update versions in application files
Apr 20, 2026
e507378
Merge branch 'dev' into master-into-dev/2.57.2-2.58.0-dev
rossops Apr 20, 2026
0349f01
perf: bulk-apply parser-supplied per-finding tags during import (#14701)
valentijnscholten Apr 20, 2026
a00effe
chore: reorganize dedupe code (#14641)
valentijnscholten Apr 20, 2026
5024e7e
Merge pull request #14712 from DefectDojo/master-into-dev/2.57.2-2.58…
Maffooch Apr 21, 2026
577a9ed
Merge pull request #14713 from DefectDojo/master-into-bugfix/2.57.2-2…
Maffooch Apr 21, 2026
d52c76f
Merge pull request #14709 from DefectDojo/renovate/renovatebot-renova…
renovate[bot] Apr 22, 2026
da3232c
docs optimization: use defer instead of async (#14715)
paulOsinski Apr 22, 2026
063233c
chore(deps): bump lxml from 6.0.2 to 6.1.0 (#14719)
dependabot[bot] Apr 22, 2026
63da732
docs(pro changelog): add 2.57.1 and 2.57.2 entries (#14736)
Maffooch Apr 22, 2026
ac8bd4c
Update postgres:18.3-alpine Docker digest from 18.3 to 18.3-alpine (d…
renovate[bot] Apr 22, 2026
a6282ab
Update python:3.13.13-alpine3.22 Docker digest from 3.13.13 to v (Doc…
renovate[bot] Apr 22, 2026
64931bc
docs: global component deduplication (#14717)
paulOsinski Apr 22, 2026
8beedaf
chore(deps): bump social-auth-core from 4.8.5 to 4.8.6 (#14723)
dependabot[bot] Apr 22, 2026
9ed69cb
chore(deps): bump ruff from 0.15.10 to 0.15.11 (#14726)
dependabot[bot] Apr 22, 2026
7228bc5
Update python:3.13.13-slim-trixie Docker digest from 3.13.13 to v (Do…
renovate[bot] Apr 22, 2026
13f82d8
Update dependency kubernetes from 1.33.10 to v1.33.11 (.github/workfl…
renovate[bot] Apr 22, 2026
c531dbd
Update dependency kubernetes/kubernetes from v1.35.3 to v1.35.4 (.git…
renovate[bot] Apr 22, 2026
54cb93b
Update actions/setup-node action from v6.3.0 to v6.4.0 (.github/workf…
renovate[bot] Apr 22, 2026
835b0bc
Update valkey Docker tag from 0.19.0 to v0.20.0 (helm/defectdojo/Char…
renovate[bot] Apr 22, 2026
ecaf38d
chore(deps): bump gitpython from 3.1.46 to 3.1.47 (#14725)
dependabot[bot] Apr 23, 2026
7009311
Update dependency node from 24.14.1 to v24.15.0 (.github/workflows/va…
renovate[bot] Apr 23, 2026
485f8bd
chore(deps): bump social-auth-app-django from 5.6.0 to 5.8.0 (#14724)
dependabot[bot] Apr 24, 2026
a5dd701
make MAX_ZIP* settings configurable (#14730)
fopina Apr 24, 2026
f5ece47
Fix Contrast parser collapsing findings with the same rule name (#14714)
Jino-T Apr 24, 2026
fab2b66
:tada: add watchguard security advisory (#14742)
manuel-sommer Apr 24, 2026
8428317
Locations performance improvements (#14718)
dogboat Apr 24, 2026
d9af52d
fix: improve SLA breach notification format and update overdue/remain…
Maffooch Apr 24, 2026
2cfda15
:bug: fix KeyError raised on Engineer Metrics #14737 (#14741)
manuel-sommer Apr 24, 2026
bf5998f
Dispatch create-path notifications async to fix slow POST latency (#1…
Maffooch Apr 24, 2026
a200ad7
refactor: decouple Jira integration into dojo/jira package (#14743)
Maffooch Apr 24, 2026
f1611d7
Merge branch 'dev' into docs/improve-snyk-documentation
balaakasam Apr 25, 2026
354e6bd
chore(deps): bump gitpython from 3.1.46 to 3.1.47 (#14753)
dependabot[bot] Apr 27, 2026
7b5e4cf
Update dependency renovatebot/renovate from 43.139.4 to v43.141.6 (.g…
renovate[bot] Apr 27, 2026
1a8b491
ci: auto-label release PRs with release-management (#14744)
Maffooch Apr 27, 2026
88144dc
deptrack parser + test fixes and improvements (#14748)
valentijnscholten Apr 27, 2026
a7abba8
[pro] add DD-Orchestrator upgrade instructions for on-prem customers …
paulOsinski Apr 27, 2026
6113e53
Update versions in application files
Apr 27, 2026
1d8a9a1
Merge pull request #14760 from DefectDojo/release/2.57.3
rossops Apr 27, 2026
4b9b7de
Update versions in application files
Apr 27, 2026
8f693ec
Update versions in application files
Apr 27, 2026
1f4c6f0
Merge branch 'dev' into master-into-dev/2.57.3-2.58.0-dev
Maffooch Apr 27, 2026
8447e5c
Update announcement banner tests to check for data-source attribute
Maffooch Apr 27, 2026
f5eb6e0
Update announcement banner tests to exclude elements with data-source…
Maffooch Apr 27, 2026
5178368
Merge pull request #14761 from DefectDojo/master-into-dev/2.57.3-2.58…
Maffooch Apr 27, 2026
fba9eac
Merge pull request #14762 from DefectDojo/master-into-bugfix/2.57.3-2…
Maffooch Apr 27, 2026
e87892c
Merge pull request #14768 from DefectDojo/docs/pro-changelog-2.57.3
Maffooch Apr 28, 2026
2b7ae01
fix(sonarqube): mdDesc fallback
samiat4911 Apr 28, 2026
729a73a
chore(deps): bump social-auth-core from 4.8.6 to 4.8.7 (#14784)
dependabot[bot] Apr 29, 2026
6e91eeb
chore(deps): bump vulners from 3.1.8 to 3.1.9 (#14782)
dependabot[bot] Apr 30, 2026
07b1c5b
chore(deps): bump datatables.net from 2.3.7 to 2.3.8 in /components (…
dependabot[bot] Apr 30, 2026
0ad26c7
chore(deps): bump ruff from 0.15.11 to 0.15.12 (#14778)
dependabot[bot] Apr 30, 2026
ff60954
Update openapitools/openapi-generator-cli Docker tag from v7.21.0 to …
renovate[bot] Apr 30, 2026
2be5d70
Update python:3.13.13-slim-trixie Docker digest from 3.13.13 to v (Do…
renovate[bot] Apr 30, 2026
842fd2b
chore(deps): bump postcss from 8.5.6 to 8.5.12 in /docs (#14759)
dependabot[bot] Apr 30, 2026
8da0d88
Bulk delete findings: extension hook (#14740)
valentijnscholten Apr 30, 2026
d0fcc0d
Consolidate GitHub integration into self-contained dojo/github/ packa…
Maffooch Apr 30, 2026
40e33d4
fix: align planned remediation version column in findings list (#14773)
valentijnscholten Apr 30, 2026
2c86b42
chore(deps): bump pyopenssl from 26.0.0 to 26.1.0 (#14777)
dependabot[bot] Apr 30, 2026
9f4d6c2
test: extend and consolidate tag inheritance tests into test_tag_inhe…
valentijnscholten Apr 30, 2026
0f800eb
add Test docs for OS and Pro (#14750)
dangoelz Apr 30, 2026
97c0e27
feat(coverity-api): add support for RESOURCE_LEAK quality findings (#…
Jino-T Apr 30, 2026
c142817
chore(deps): bump python-gitlab from 8.2.0 to 8.3.0 (#14781)
dependabot[bot] Apr 30, 2026
7ea54d4
refactor: consolidate notifications into dojo/notifications/ package …
Maffooch Apr 30, 2026
16f1701
chore(deps): bump gitpython from 3.1.47 to 3.1.49 (#14783)
dependabot[bot] Apr 30, 2026
171d60b
refactor: consolidate scattered SSO code into a dedicated dojo/sso/ p…
Maffooch Apr 30, 2026
a567c14
add OS + Pro Engagement articles (#14583)
dangoelz Apr 30, 2026
8882c61
Fix #14623: Add created and updated date filters to ApiRiskAcceptance…
NasorHidar Apr 30, 2026
8348cb6
Jira webhook: stop mis-mitigating findings on non-"done" issues (#14716)
paulOsinski May 1, 2026
29fb41e
refactor: consolidate audit-log code into dojo/auditlog/ package (#14…
Maffooch May 1, 2026
0dee7bc
feat(parsers): add Qualys VMDR CSV parser (#14453)
skywalke34 May 1, 2026
bf60a27
Update release-drafter/release-drafter action from v7.2.0 to v7.2.1 (…
renovate[bot] May 1, 2026
3e672ff
fix cascade delete bug and default (#14772)
valentijnscholten May 2, 2026
b0aed7a
Remove 'safe' filter from description output (#14789)
Maffooch May 3, 2026
c65919f
perf test: cover unsaved tags and vulnerability_ids
valentijnscholten May 3, 2026
1d6f2c8
warmup cache
valentijnscholten May 3, 2026
6d03180
async delete: remove obsolete outside scope delete
valentijnscholten May 3, 2026
fc1c8e5
Merge pull request #14770 from samiat4911/fix/sonarqube-md-desc-fallback
rossops May 4, 2026
e569347
Merge pull request #14798 from valentijnscholten/fix/remove-obsolete-…
rossops May 4, 2026
47b993c
Merge pull request #14796 from valentijnscholten/perf-test-tags-vulnids
rossops May 4, 2026
c1981f3
Remove pickle from forms and Celery serializer (#14791)
Maffooch May 4, 2026
344c913
Remove safe filter from description in alert template
Maffooch May 4, 2026
16c0597
Restore `safe` template tag on bugfix
Maffooch May 4, 2026
0f1154f
reconcile file difference
Maffooch May 4, 2026
909e4cf
Restore space
Maffooch May 4, 2026
4e50972
Merge pull request #14800 from DefectDojo/bugfix
rossops May 4, 2026
8610e09
Update versions in application files
May 4, 2026
8bc2b62
Merge pull request #14801 from DefectDojo/release/2.58.0
rossops May 4, 2026
ea17080
Update versions in application files
May 4, 2026
e295e4f
Update versions in application files
May 4, 2026
e1cc7d4
Merge pull request #14804 from DefectDojo/master-into-bugfix/2.58.0-2…
rossops May 4, 2026
861973b
Merge pull request #14803 from DefectDojo/master-into-dev/2.58.0-2.59…
rossops May 4, 2026
08eee6a
fix broken link (#14802)
paulOsinski May 6, 2026
43ebacd
endpoint: optimize __eq__ via product_id (#14806)
valentijnscholten May 6, 2026
3f48b5b
Update versions in application files
May 6, 2026
8a99ad6
Merge pull request #14828 from DefectDojo/release/2.58.1
Maffooch May 6, 2026
1e4aa61
Update versions in application files
May 6, 2026
24381c0
Merge branch 'dev' into master-into-dev/2.58.1-2.59.0-dev
Maffooch May 6, 2026
1c2f4ec
Merge pull request #14830 from DefectDojo/master-into-dev/2.58.1-2.59…
Maffooch May 6, 2026
aa19631
Update valkey Docker tag from 0.20.0 to v0.20.1 (helm/defectdojo/Char…
renovate[bot] May 7, 2026
510e69b
Update losisin/helm-docs-github-action action from v1.8.0 to v2 (.git…
renovate[bot] May 7, 2026
9656a93
Update actions/labeler action from v6.0.1 to v6.1.0 (.github/workflow…
renovate[bot] May 7, 2026
e5a017b
Update losisin/helm-values-schema-json-action action from v2.5.0 to v…
renovate[bot] May 7, 2026
c808e3f
chore(deps): bump easymde from 2.20.0 to 2.21.0 in /components (#14817)
dependabot[bot] May 7, 2026
7cb2cf3
chore(deps): bump pyopenssl from 26.1.0 to 26.2.0 (#14818)
dependabot[bot] May 7, 2026
8177bcc
chore(deps): bump django-polymorphic from 4.11.2 to 4.11.3 (#14821)
dependabot[bot] May 7, 2026
81936b0
chore(deps): bump psycopg from 3.3.3 to 3.3.4 (#14822)
dependabot[bot] May 7, 2026
f8ca4a1
chore(deps): bump gitpython from 3.1.49 to 3.1.50 (#14823)
dependabot[bot] May 7, 2026
2e12838
chore(deps): bump drf-spectacular-sidecar from 2026.4.14 to 2026.5.1 …
dependabot[bot] May 7, 2026
5244e7a
chore(deps): bump social-auth-app-django from 5.8.0 to 5.9.0 (#14826)
dependabot[bot] May 7, 2026
76a2323
test: pin query-count baselines for tag inheritance hot paths (#14811)
valentijnscholten May 7, 2026
5deca76
Update valkey/valkey Docker tag from 9.0.3 to v9.0.4 (docker-compose.…
renovate[bot] May 7, 2026
84716d0
Merge branch 'dev' into docs/improve-snyk-documentation
paulOsinski May 7, 2026
3b4bcde
perf(dupe-delete): use bulk_delete_findings + correlated subquery in …
valentijnscholten May 7, 2026
e6ca9c5
add russian lang (#14799)
polishchukd May 7, 2026
f1e7025
test: add background param to import all unit tests command (#14805)
valentijnscholten May 7, 2026
450a683
cascade delete: prepare preview_only parameter (#14810)
valentijnscholten May 8, 2026
79f58ec
Add mitigation finding filters and complete mitigation filter tests (…
bendnema May 8, 2026
6788368
perf(tags): bulk-propagate inherited tags + gate child post_save on c…
valentijnscholten May 8, 2026
dd6fcf8
docs(snyk): fix broken internal link to Snyk Code parser
paulOsinski May 8, 2026
7ac0d9d
perf(tags): centralize tag inheritance + replace signal disconnect wi…
valentijnscholten May 8, 2026
6e4a324
feat(parsers): add Xygeni JSON parser (SAST, SCA, Secrets) (#14769)
lmrb-1968 May 8, 2026
817a36c
remove: questionnaire API endpoints (2.56 deprecation, 2.59 EOL) (#14…
Maffooch May 8, 2026
f50bb18
remove: Stub Findings (2.57 deprecation, 2.59 EOL) (#14837)
Maffooch May 8, 2026
b681610
remove: Credential Manager (2.57 deprecation, 2.59 EOL) (#14836)
Maffooch May 8, 2026
558a3d2
feat(importers): apply import-time tags per batch before post-process…
valentijnscholten May 8, 2026
11ea2c5
Merge branch 'dev' into docs/improve-snyk-documentation
balaakasam May 10, 2026
7 changes: 4 additions & 3 deletions .dryrunsecurity.yaml
Expand Up @@ -14,7 +14,8 @@ sensitiveCodepaths:
- 'dojo/group/*.py'
- 'dojo/importers/*.py'
- 'dojo/importers/**/*.py'
- 'dojo/jira_link/*.py'
- 'dojo/jira/*.py'
- 'dojo/jira/**/*.py'
- 'dojo/metrics/*.py'
- 'dojo/note_type/*.py'
- 'dojo/notes/*.py'
Expand All @@ -40,8 +41,8 @@ sensitiveCodepaths:
- 'dojo/middleware.py'
- 'dojo/models.py'
- 'dojo/okta.py'
- 'dojo/pipeline.py'
- 'dojo/remote_user.py'
- 'dojo/sso/pipeline.py'
- 'dojo/sso/remote_user.py'
- 'dojo/tasks.py'
- 'dojo/urls.py'
- 'dojo/utils.py'
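Review bot: The two SSO entries near the end of this hunk, 'dojo/sso/pipeline.py' and 'dojo/sso/remote_user.py', name individual files, so any other module in the new dojo/sso/ package falls outside sensitiveCodepaths. The Jira move in the previous hunk uses package globs ('dojo/jira/*.py', 'dojo/jira/**/*.py'); doing the same here with 'dojo/sso/*.py' and 'dojo/sso/**/*.py' keeps later additions to the package covered. 'dojo/okta.py' is still listed directly above; if that module also moved into dojo/sso/, the entry now matches nothing and should be updated or dropped.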
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/build-docker-images-for-testing.yml
Expand Up @@ -53,7 +53,7 @@ jobs:

- name: Build
id: docker_build
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
timeout-minutes: 15
env:
DOCKER_BUILD_CHECKS_ANNOTATIONS: false
Expand All @@ -67,7 +67,7 @@ jobs:
# export docker images to be used in next jobs below
- name: Upload image ${{ matrix.docker-image }} as artifact
timeout-minutes: 15
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: built-docker-image-${{ matrix.docker-image }}-${{ matrix.os }}-${{ env.PLATFORM }}
path: ${{ matrix.docker-image }}-${{ matrix.os }}-${{ env.PLATFORM }}_img
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/fetch-oas.yml
Expand Up @@ -55,7 +55,7 @@ jobs:
run: docker compose down

- name: Upload oas.${{ matrix.file-type }} as artifact
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: oas-${{ matrix.file-type }}
path: oas.${{ matrix.file-type }}
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/gh-pages.yml
Expand Up @@ -22,12 +22,12 @@ jobs:
extended: true

- name: Setup Node
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version: '24.14.1' # TODO: Renovate helper might not be needed here - needs to be fully tested
node-version: '24.15.0' # TODO: Renovate helper might not be needed here - needs to be fully tested

- name: Cache dependencies
uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
Expand Down
2 changes: 0 additions & 2 deletions .github/workflows/integration-tests.yml
Expand Up @@ -22,7 +22,6 @@ jobs:
"tests/check_various_pages.py",
"tests/close_old_findings_dedupe_test.py",
"tests/close_old_findings_test.py",
"tests/credential_test.py",
"tests/dashboard_test.py",
"tests/dedupe_test.py",
"tests/endpoint_extended_test.py",
Expand All @@ -46,7 +45,6 @@ jobs:
"tests/notification_webhook_test.py",
"tests/notifications_test.py",
"tests/object_test.py",
"tests/product_credential_test.py",
"tests/product_group_test.py",
"tests/product_member_test.py",
"tests/product_metadata_test.py",
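Review bot: Dropping "tests/product_credential_test.py" from the matrix here, and "tests/credential_test.py" in the previous hunk, only stops CI from running them. Confirm both test files are deleted in the same change; a file left in tests/ but absent from this list is never executed and goes stale without any failing job.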
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/k8s-tests.yml
Expand Up @@ -16,9 +16,9 @@ jobs:
# databases, broker and k8s are independent, so we don't need to test each combination
# lastest k8s version (https://kubernetes.io/releases/) and the oldest officially supported version
# are tested (https://kubernetes.io/releases/)
- k8s: 'v1.35.3' # renovate: datasource=github-releases depName=kubernetes/kubernetes versioning=loose
- k8s: 'v1.35.4' # renovate: datasource=github-releases depName=kubernetes/kubernetes versioning=loose
os: debian
- k8s: '1.33.10' # renovate: datasource=custom.endoflife-oldest-maintained depName=kubernetes
- k8s: '1.33.11' # renovate: datasource=custom.endoflife-oldest-maintained depName=kubernetes
os: debian
steps:
- name: Checkout
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/pr-labeler.yml
Expand Up @@ -15,7 +15,7 @@ jobs:
name: "Autolabeler"
runs-on: ubuntu-latest
steps:
- uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b # v6.0.1
- uses: actions/labeler@f27b608878404679385c85cfa523b85ccb86e213 # v6.1.0
with:
repo-token: "${{ secrets.GITHUB_TOKEN }}"
sync-labels: true
12 changes: 9 additions & 3 deletions .github/workflows/release-1-create-pr.yml
Expand Up @@ -93,7 +93,7 @@ jobs:
grep -H version helm/defectdojo/Chart.yaml

- name: Run helm-docs
uses: losisin/helm-docs-github-action@2ccf3e77eb70dc80d62f8cc26f15d0a96b75fef4 # v1.8.0
uses: losisin/helm-docs-github-action@3a4528e97c49a5e83de6b78c50c61c8ee5c9f944 # v2
with:
chart-search-root: "helm/defectdojo"

Expand All @@ -107,15 +107,21 @@ jobs:
branch: ${{ env.NEW_BRANCH }}

- name: Create Pull Request
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
github.rest.pulls.create({
const pr = await github.rest.pulls.create({
owner: '${{ env.GITHUB_ORG }}',
repo: 'django-DefectDojo',
title: 'Release: Merge release into master from: ${{ env.NEW_BRANCH }}',
body: `Release triggered by \`${ process.env.GITHUB_ACTOR }\``,
head: '${{ env.NEW_BRANCH }}',
base: 'master'
})
await github.rest.issues.addLabels({
owner: '${{ env.GITHUB_ORG }}',
repo: 'django-DefectDojo',
issue_number: pr.data.number,
labels: ['release-management']
})
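Review bot: The new addLabels call at the end of the script has no error handling, and it runs after pulls.create has already succeeded. If labelling fails (for example because the token lacks permission to edit issues), the step fails with the release PR already open, and a re-run calls pulls.create again for the same head and base. Wrap the addLabels call in try/catch and report the failure with core.warning so the release can proceed unlabelled. The added block also repeats the '${{ env.GITHUB_ORG }}' interpolation into the script source; reading these values from process.env, as the body line already does for GITHUB_ACTOR, keeps workflow values out of the JavaScript text.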
24 changes: 18 additions & 6 deletions .github/workflows/release-3-master-into-dev.yml
Expand Up @@ -81,7 +81,7 @@ jobs:
yq -i '.annotations."artifacthub.io/changes" = ""' helm/defectdojo/Chart.yaml

- name: Run helm-docs
uses: losisin/helm-docs-github-action@2ccf3e77eb70dc80d62f8cc26f15d0a96b75fef4 # v1.8.0
uses: losisin/helm-docs-github-action@3a4528e97c49a5e83de6b78c50c61c8ee5c9f944 # v2
with:
chart-search-root: "helm/defectdojo"

Expand All @@ -95,18 +95,24 @@ jobs:
branch: ${{ env.NEW_BRANCH }}

- name: Create Pull Request
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
github.rest.pulls.create({
const pr = await github.rest.pulls.create({
owner: '${{ env.GITHUB_ORG }}',
repo: 'django-DefectDojo',
title: 'Release: Merge back ${{ inputs.release_number_new }} into dev from: ${{ env.NEW_BRANCH }}',
body: `Release triggered by \`${ process.env.GITHUB_ACTOR }\``,
head: '${{ env.NEW_BRANCH }}',
base: 'dev'
})
await github.rest.issues.addLabels({
owner: '${{ env.GITHUB_ORG }}',
repo: 'django-DefectDojo',
issue_number: pr.data.number,
labels: ['release-management']
})

create_pr_for_merge_back_into_bugfix:
runs-on: ubuntu-latest
Expand Down Expand Up @@ -157,7 +163,7 @@ jobs:
yq -i '.annotations."artifacthub.io/changes" = ""' helm/defectdojo/Chart.yaml

- name: Run helm-docs
uses: losisin/helm-docs-github-action@2ccf3e77eb70dc80d62f8cc26f15d0a96b75fef4 # v1.8.0
uses: losisin/helm-docs-github-action@3a4528e97c49a5e83de6b78c50c61c8ee5c9f944 # v2
with:
chart-search-root: "helm/defectdojo"

Expand All @@ -171,15 +177,21 @@ jobs:
branch: ${{ env.NEW_BRANCH }}

- name: Create Pull Request
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
github.rest.pulls.create({
const pr = await github.rest.pulls.create({
owner: '${{ env.GITHUB_ORG }}',
repo: 'django-DefectDojo',
title: 'Release: Merge back ${{ inputs.release_number_new }} into bugfix from: ${{ env.NEW_BRANCH }}',
body: `Release triggered by \`${ process.env.GITHUB_ACTOR }\``,
head: '${{ env.NEW_BRANCH }}',
base: 'bugfix'
})
await github.rest.issues.addLabels({
owner: '${{ env.GITHUB_ORG }}',
repo: 'django-DefectDojo',
issue_number: pr.data.number,
labels: ['release-management']
})
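Review bot: The create-then-label script in this hunk is now the third copy of the same code (once in release-1-create-pr.yml, twice in this file), and the copies differ only in title and base. Move it into a reusable workflow or composite action that takes those two values as inputs, so a later change to the label name or to the error handling is made once rather than in three places.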
2 changes: 1 addition & 1 deletion .github/workflows/release-drafter.yml
Expand Up @@ -27,7 +27,7 @@ jobs:
steps:
- name: Create Release
id: create_release
uses: release-drafter/release-drafter@139054aeaa9adc52ab36ddf67437541f039b88e2 # v7.1.1
uses: release-drafter/release-drafter@563bf132657a13ded0b01fcb723c5a58cdd824e2 # v7.2.1
with:
version: ${{ inputs.version }}
env:
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/release-x-manual-docker-containers.yml
Expand Up @@ -69,7 +69,7 @@ jobs:
# we cannot set any tags here, those are set on the merged digest in release-x-manual-merge-container-digests.yml
- name: Build and push images
id: build
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
env:
DOCKER_BUILD_CHECKS_ANNOTATIONS: false
with:
Expand All @@ -90,7 +90,7 @@ jobs:

# upload the digest file as artifact
- name: Upload digest
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: digests-${{ matrix.docker-image}}-${{ matrix.os }}-${{ env.PLATFORM }}
path: ${{ runner.temp }}/digests/*
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/release-x-manual-helm-chart.yml
Expand Up @@ -77,7 +77,7 @@ jobs:
echo "chart_version=$(ls build | cut -d '-' -f 2,3 | sed 's|\.tgz||')" >> $GITHUB_ENV

- name: Create release ${{ inputs.release_number }}
uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1
uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0
with:
name: '${{ inputs.release_number }} 🌈'
tag_name: ${{ inputs.release_number }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/renovate.yaml
Expand Up @@ -21,4 +21,4 @@ jobs:
uses: suzuki-shunsuke/github-action-renovate-config-validator@ee9f69e1f683ed0d08225086482b34fc9abe9300 # v2.1.0
with:
strict: "true"
validator_version: 43.110.14 # renovate: datasource=github-releases depName=renovatebot/renovate
validator_version: 43.141.6 # renovate: datasource=github-releases depName=renovatebot/renovate
6 changes: 3 additions & 3 deletions .github/workflows/test-helm-chart.yml
Expand Up @@ -129,14 +129,14 @@ jobs:
git commit -m "ci: update Chart annotations from PR #${{ github.event.pull_request.number }}" || echo "No changes to commit"

- name: Run helm-docs (update)
uses: losisin/helm-docs-github-action@2ccf3e77eb70dc80d62f8cc26f15d0a96b75fef4 # v1.8.0
uses: losisin/helm-docs-github-action@3a4528e97c49a5e83de6b78c50c61c8ee5c9f944 # v2
if: startsWith(github.head_ref, 'renovate/') || startsWith(github.head_ref, 'dependabot/')
with:
chart-search-root: "helm/defectdojo"
git-push: true

- name: Run helm-docs (check)
uses: losisin/helm-docs-github-action@2ccf3e77eb70dc80d62f8cc26f15d0a96b75fef4 # v1.8.0
uses: losisin/helm-docs-github-action@3a4528e97c49a5e83de6b78c50c61c8ee5c9f944 # v2
if: ${{ !(startsWith(github.head_ref, 'renovate/') || startsWith(github.head_ref, 'dependabot/')) }}
with:
fail-on-diff: true
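Review bot: Both helm-docs steps in this hunk jump a major version (v1.8.0 to v2) while still passing chart-search-root, git-push and fail-on-diff; confirm against the v2 release notes that those inputs are still accepted under the same names before relying on the check step. The trailing comment is also now the floating major tag '# v2', unlike the exact versions recorded on other pins in this PR (for example '# v7.1.0'); note the exact release the SHA corresponds to so the pin can be audited later. The same applies to the helm-values-schema-json-action pin marked '# v3' in the next hunk.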
Expand All @@ -155,7 +155,7 @@ jobs:
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

- name: Generate values schema json
uses: losisin/helm-values-schema-json-action@02bda41b469ccfb3f0abb35f4211e598b0b6ea3e # v2.5.0
uses: losisin/helm-values-schema-json-action@39cdf80504f6c95ad3c4f317e2135e2509ea56bb # v3
with:
fail-on-diff: true
working-directory: "helm/defectdojo"
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/update-sample-data.yml
Expand Up @@ -33,7 +33,7 @@ jobs:
git config --global user.email "${{ env.GIT_EMAIL }}"

- name: Create Pull Request
uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1
with:
token: ${{ secrets.GITHUB_TOKEN }}
commit-message: "Update sample data"
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/validate_docs_build.yml
Expand Up @@ -17,12 +17,12 @@ jobs:
extended: true

- name: Setup Node
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version: '24.14.1' # TODO: Renovate helper might not be needed here - needs to be fully tested
node-version: '24.15.0' # TODO: Renovate helper might not be needed here - needs to be fully tested

- name: Cache dependencies
uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
Expand Down
1 change: 1 addition & 0 deletions .gitignore
Expand Up @@ -152,3 +152,4 @@ docs/.hugo_build.lock

# claude etc
MEMORY.md
.claude/