feat(helm): Make probes more customizable #13779
Draft
kiblik wants to merge 10000 commits into DefectDojo:dev from
…rics Fix incorrect (inflated) numbers in top 10 metrics
* deduplication: add more importer unit tests * deduplication: add more importer unit tests * uncomment tests * add more assessments
…efectDojo#13460) * view_finding: show unique_id_from_tool with hash_code * view_finding: show unique_id_from_tool with hash_code
…13464) * deduplication logic: add missing tests * deduplication logic: add docs * deduplication logic: add docs
Bumps [python-gitlab](https://github.com/python-gitlab/python-gitlab) from 6.4.0 to 6.5.0. - [Release notes](https://github.com/python-gitlab/python-gitlab/releases) - [Changelog](https://github.com/python-gitlab/python-gitlab/blob/main/CHANGELOG.md) - [Commits](python-gitlab/python-gitlab@v6.4.0...v6.5.0) --- updated-dependencies: - dependency-name: python-gitlab dependency-version: 6.5.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [boto3](https://github.com/boto/boto3) from 1.40.54 to 1.40.55. - [Release notes](https://github.com/boto/boto3/releases) - [Commits](boto/boto3@1.40.54...1.40.55) --- updated-dependencies: - dependency-name: boto3 dependency-version: 1.40.55 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Release: Merge release into master from: release/2.51.2
…x/2.51.2-2.52.0-dev Release: Merge back 2.51.2 into bugfix from: master-into-bugfix/2.51.2-2.52.0-dev
….51.2-2.52.0-dev Release: Merge back 2.51.2 into dev from: master-into-dev/2.51.2-2.52.0-dev
…ectDojo#12773) * Refactor GithubVulnerability parser and add GithubSAST parser * More GithubVulnerability and GithubSAST parser improvements * Add documentation * Add tests, update docs, and add hash code fields * Fix Github vulnerability parser unit test * Unit tests and parser tweaks * Rm files pushed by mistake * Revert certain removals from unit test * Add EPSS field population and update unit tests * Removed some unnecessary comments and formatting * Ruff formatting * Fix unit tests * Ruff formatting * Fix unit test * Github Vulnerability parser and docs tweaks, and upgrade instructions * Politeness * Fix dependabot update pr link parsing * Backwards compatibility * Revert 2.49 docs change and add 2.51 * Add 2.51 upgrade doc * Smol 2.51 upgrade doc fix * Move imports to top * Ruff lint fix --------- Co-authored-by: Zeke Tierkel <zeketierkel@Zekes-MacBook-Pro.local> Co-authored-by: valentijnscholten <valentijnscholten@gmail.com>
…s/package.json) (DefectDojo#13381) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Bumps [psycopg[c]](https://github.com/psycopg/psycopg) from 3.2.10 to 3.2.11. - [Changelog](https://github.com/psycopg/psycopg/blob/master/docs/news.rst) - [Commits](psycopg/psycopg@3.2.10...3.2.11) --- updated-dependencies: - dependency-name: psycopg[c] dependency-version: 3.2.11 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…v41.146.8 (.github/workflows/renovate.yaml) (DefectDojo#13484) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
… default (DefectDojo#13488) * jira_integration: changes risk acceptance expiration date to a better default * Update dojo/models.py * Update dojo/models.py --------- Co-authored-by: valentijnscholten <valentijnscholten@gmail.com>
…efectDojo#13499) * deduplication logic: add cross scanner unique_id tests * unique_id_from_tool dedupe: fix cross parser logic * update finding ids in tests * notifications test: replace hardcoded ids with references * fix merge artifacts
* UNIQUE_ID_OR_HASH_CODE: don't stop after one candidate * docs: add upgrade note
…son) (DefectDojo#13508) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Bumps [redis](https://github.com/redis/redis-py) from 7.0.1 to 7.1.0. - [Release notes](https://github.com/redis/redis-py/releases) - [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES) - [Commits](redis/redis-py@v7.0.1...v7.1.0) --- updated-dependencies: - dependency-name: redis dependency-version: 7.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [boto3](https://github.com/boto/boto3) from 1.40.75 to 1.41.0. - [Release notes](https://github.com/boto/boto3/releases) - [Commits](boto/boto3@1.40.75...1.41.0) --- updated-dependencies: - dependency-name: boto3 dependency-version: 1.41.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ctDojo#13741) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
…-helm-chart.yml) (DefectDojo#13746) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
…alidate_docs_build.yml) (DefectDojo#13747) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Paul Osinski <paul.m.osinski@gmail.com>
* 🎉 implement zora vulnerability parser * update * update * update * fix * fix
* 🐛 fix severity order of trivy DefectDojo#13647 * update, fix unittests * update * update
We are approving a boto3 rev almost every single day at this point. Let's skip the patches and only focus on the minor revs
* Add OpenReports import support * OpenReports: cleanup * 🚨fix: Lint errors * OpenReports: Add Dedup and non-CVE support * docs: Add OpenReports file import docs * Add scanner name to Test name * Switch dedup method * Move tags to unsaved_tags * Use DEDUPE_ALGO_HASH_CODE * Fix unit tests and move to fix_version in finding * Fix failing tests * Fix tests
…origin (DefectDojo#13740) * feat(serializers, filters): add choice fields for business criticality, platform, lifecycle, and origin * feat(serializers): allow null values for choice fields in ProductSerializer * feat(serializers): make choice fields optional in ProductSerializer
…3748) Now that this feature has been live for a while, I think we can reduce the logging a bit. Noticed a lot of logs for this during DefectDojo#13241
Publish documentation on pushes to bugfix in addition to master. This will be useful for fixing urgent documentation issues without waiting for a week for the next bugfix release
Bumps [boto3](https://github.com/boto/boto3) from 1.41.0 to 1.41.1. - [Release notes](https://github.com/boto/boto3/releases) - [Commits](boto/boto3@1.41.0...1.41.1) --- updated-dependencies: - dependency-name: boto3 dependency-version: 1.41.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Add path filter for docs in gh-pages workflow
Release: Merge release into master from: release/2.52.3
….52.3-2.53.0-dev Release: Merge back 2.52.3 into dev from: master-into-dev/2.52.3-2.53.0-dev
Signed-off-by: kiblik <5609770+kiblik@users.noreply.github.com>
This pull request has conflicts, please resolve those before we can evaluate the pull request.
TBD