Release: Merge release into master from: release/2.39.2 #11110
….40.0-dev Release: Merge back 2.39.1 into bugfix from: master-into-bugfix/2.39.1-2.40.0-dev
* 💄 Advance architecture docs
* update
* Update docs/content/en/getting_started/architecture.md
Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update docs/content/en/getting_started/architecture.md
Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
---------
Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* 🎉 add file_path to SonarQube findings
* fix unittest

* 🎉 ADD ELSA errata
* ruff
* rebase

* get or create environment
* honor auto_create_context, update docs
* case of not providing environment
* create base class, re-use code import, reimport
* put common context code in base
* mistyped dict for data

* SLA Config: Add new config that does not enforce SLA
* Update sla_configurations.json
DryRun Security Summary
The GitHub pull request covers a wide range of updates to the DefectDojo application, including improvements to the initialization and setup process, documentation updates, dependency version updates, and enhancements to the import and parsing functionality, with a few areas requiring careful review and consideration, such as the removal of the order placement check, user input sanitization, hardcoded constants and external libraries, and dependency updates.
Summary: The changes in this GitHub pull request cover a wide range of updates to the DefectDojo application, including improvements to the initialization and setup process, documentation updates, dependency version updates, and enhancements to the import and parsing functionality. From an application security perspective, the changes generally do not introduce any obvious security vulnerabilities, but there are a few areas that require careful review and consideration:
Files Changed:
Code Analysis
We ran
Riskiness
🔴 Risk threshold exceeded. We've notified @mtesauro, @grendel513.
Release triggered by rossops