Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Helm release mysql (helm/defectdojo/Chart.yaml) #10502

Closed
wants to merge 1 commit into from
Closed

Update Helm release mysql (helm/defectdojo/Chart.yaml) #10502

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jul 2, 2024

Mend Renovate

This PR contains the following updates:

Package Update Change
mysql (source) minor ~9.19.0 -> ~9.23.0
mysql major 5.7.44 -> 9.0.0

Release Notes

bitnami/charts (mysql)

v9.23.0

  • [bitnami/mysql] feat: ✨ 🔒 Add automatic adaptation for Openshift restricted-v2 SCC (#​2 (51beaf0), closes #​24128

v9.22.0

v9.21.2

v9.21.1

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Jul 2, 2024
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Jul 2, 2024
edited
Loading

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

DryRun Security Status Findings
SQL Injection Analyzer 0 findings
Server-Side Request Forgery Analyzer 0 findings
Configured Codepaths Analyzer 0 findings
Sensitive Files Analyzer 0 findings
IDOR Analyzer 0 findings
Authn/Authz Analyzer 0 findings
Secrets Analyzer 0 findings

Note

🟢 Risk threshold not exceeded.

Change Summary (click to expand)

The following is a summary of changes in this pull request made by me, your security buddy 🤖. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective.

Summary:

The provided code changes in this pull request primarily focus on updating the versions of various Helm chart dependencies used in the DefectDojo application, as well as updating the MySQL database version used in the Docker Compose configuration.

From an application security perspective, these changes are generally benign and represent routine updates to keep the application's dependencies up-to-date. Updating dependencies can potentially include security patches, bug fixes, and feature improvements, which is generally a positive change.

However, it is important to thoroughly review the release notes and change logs of the updated dependencies to ensure that there are no known security vulnerabilities or breaking changes that could impact the DefectDojo application. Additionally, it is recommended to thoroughly test the application with the new dependencies and database version to ensure that there are no regressions or unexpected behavior.

The Docker Compose configuration changes also highlight the importance of properly managing security-related configurations, such as environment variables, credential management, and volume mounts, to maintain the overall security posture of the application.

Files Changed:

  1. helm/defectdojo/Chart.yaml: This file has been updated to use a newer version of the MySQL Helm chart dependency (from ~9.19.0 to ~9.23.0). This is a routine dependency update that should be reviewed for any security-related changes or improvements.

  2. helm/defectdojo/Chart.lock: This file has been updated to reflect the changes in the Helm chart dependencies, including the MySQL chart version update from 9.19.1 to 9.23.0, and the PostgreSQL chart version update from 15.5.11 to 15.5.12.

  3. docker-compose.yml: This file has been updated to use a newer version of the MySQL database image, from 5.7.44 to 9.0.0. This change should be thoroughly tested to ensure compatibility and to review any security-related updates or changes in the new database version.

Powered by DryRun Security

mtesauro
mtesauro requested changes Jul 3, 2024
View reviewed changes
docker-compose.yml Outdated
@@ -128,7 +128,7 @@ services:
source: ./docker/extra_settings
target: /app/docker/extra_settings
mysql:
image: mysql:5.7.44@sha256:4bc6bc963e6d8443453676cae56536f4b8156d78bae03c0145cbe47c2aad73bb
image: mysql:9.0.0@sha256:eb37f58646a901dc7727cf448cae36daaefaba79de33b5058dab79aa4c04aefb
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

MySQL was deprecated in 2.36.0

@mtesauro
Copy link
Contributor

mtesauro commented Jul 3, 2024

Blocking merging of this by having a requested change since Renovate keeps recreating the same PR if it's closed.

@renovate renovate bot force-pushed the renovate/mysql-9.x branch from 8dd223c to b2b29df Compare July 3, 2024 01:45
@renovate renovate bot force-pushed the renovate/mysql-9.x branch from b2b29df to 1155c2e Compare July 3, 2024 07:21
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Jul 3, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

This was referenced Jul 3, 2024
Closed
Merged
@cneill cneill closed this Jul 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mtesauro mtesauro mtesauro requested changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file docker helm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mtesauro @cneill