Release: Merge back 2.42.1 into bugfix from: master-into-bugfix/2.42.1-2.43.0-dev #11559

Merged 5 commits into bugfix from master-into-bugfix/2.42.1-2.43.0-dev on Jan 13, 2025

Conversation

github-actions[bot]
Contributor

Release triggered by rossops

paulOsinski and others added 5 commits January 7, 2025 13:41
* add back ldap-authentication.md

* add back api-v2-docs.md

* update broken readme links

---------

Co-authored-by: Paul Osinski <[email protected]>
Release: Merge release into master from: release/2.42.1

dryrunsecurity bot commented Jan 13, 2025

DryRun Security Summary

This pull request encompasses documentation updates, a minor version bump, API documentation improvements, LDAP authentication integration, and a Helm chart version update, focusing on enhancing the DefectDojo project's usability, security, and user experience.

Summary:

The changes in this pull request cover various aspects of the DefectDojo project, including documentation updates, a minor version update, API documentation improvements, LDAP authentication integration, and a Helm chart version update.

The documentation updates focus on improving the project's online documentation, such as updating the official documentation URL, improving the structure and navigation of the documentation, and providing more detailed information on the DefectDojo API and authentication options. These changes do not introduce any security concerns and are aimed at enhancing the user experience and usability of the project.

The minor version update in the dojo/__init__.py file appears to be a routine change, likely containing bug fixes or small improvements. While there are no obvious security implications, it is important to review the actual changes and any associated release notes to ensure that there are no security-related fixes or improvements included in the update.

The changes to the API documentation provide detailed information on the API's authentication mechanisms, sample code, and testing instructions. These changes are positive from a security perspective, as they help users understand and properly interact with the API in a secure manner.

The addition of LDAP authentication support is a significant security-focused change, as it allows organizations to leverage their existing LDAP infrastructure for user management and authentication. The changes appear to be well-designed and follow best practices for integrating LDAP authentication in a Django-based application.

Finally, the Helm chart version update is a minor change that does not directly impact the security of the DefectDojo application. However, it is important to review any changes to the Helm chart dependencies, as they could indirectly affect the security of the application.

Files Changed:

  1. README.md: The documentation section has been updated to reflect the new official documentation URL and links to specific documentation sections.
  2. dojo/__init__.py: The version number has been updated from "2.42.0" to "2.42.1".
  3. docs/content/en/open_source/api-v2-docs.md: The documentation for the DefectDojo API version 2 has been improved, including details on authentication, sample code, and client libraries.
  4. docs/content/en/open_source/ldap-authentication.md: New documentation has been added to describe the integration of LDAP authentication support in the DefectDojo application.
  5. helm/defectdojo/Chart.yaml: The Helm chart version has been updated from 1.6.168-dev to 1.6.169-dev.

Code Analysis

We ran 9 analyzers against 5 files and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

@rossops rossops closed this Jan 13, 2025
@rossops rossops reopened this Jan 13, 2025
@rossops rossops merged commit 965f171 into bugfix Jan 13, 2025
71 checks passed
@rossops rossops deleted the master-into-bugfix/2.42.1-2.43.0-dev branch January 13, 2025 16:01