Open
48 commits
cc0afa9
Update versions in application files
Jun 15, 2026
b31cf9a
Merge pull request #15020 from DefectDojo/master-into-dev/3.0.0-3.1.0…
Maffooch Jun 15, 2026
eab1363
Added global required fields notice for WCAG H90 compliance (#14962)
sym9 Jun 16, 2026
50d28ac
Update versions in application files
Jun 17, 2026
f2aaff5
Merge branch 'dev' into master-into-dev/3.0.1-3.1.0-dev
Maffooch Jun 17, 2026
0fce166
Merge pull request #15037 from DefectDojo/master-into-dev/3.0.1-3.1.0…
Maffooch Jun 17, 2026
5fd73ac
perf(importers): batch Vulnerability_Id inserts (#14966)
valentijnscholten Jun 17, 2026
8ef84e3
perf(importers): batch BurpRawRequestResponse inserts + re-enable per…
valentijnscholten Jun 17, 2026
1c3f265
Update postgres:18.4-alpine Docker digest from 18.4 to 18.4-alpine (d…
renovate[bot] Jun 18, 2026
add3c9a
chore(deps): update docker/login-action action from v4.1.0 to v4.2.0 …
renovate[bot] Jun 18, 2026
5d5b1c5
chore(deps): update eps1lon/actions-label-merge-conflict action from …
renovate[bot] Jun 18, 2026
1ced735
chore(deps): update mccutchen/go-httpbin docker tag from 2.22.1 to v2…
renovate[bot] Jun 18, 2026
c38a57e
chore(deps): bump ruff from 0.15.15 to 0.15.16 (#14995)
dependabot[bot] Jun 18, 2026
d58ab66
chore(deps): bump pdfmake from 0.3.8 to 0.3.10 in /components (#14996)
dependabot[bot] Jun 18, 2026
ec00514
chore(deps-dev): bump vcrpy from 8.1.1 to 8.2.1 (#15028)
dependabot[bot] Jun 18, 2026
e92a054
chore(deps): bump sqlalchemy from 2.0.50 to 2.0.51 (#15025)
dependabot[bot] Jun 18, 2026
eada00c
Update losisin/helm-values-schema-json-action digest from v3.0.1 to v…
renovate[bot] Jun 18, 2026
72300a6
chore(deps-dev): bump @tailwindcss/cli in /components (#15031)
dependabot[bot] Jun 18, 2026
f08d09f
chore(deps): bump vulners from 3.1.10 to 3.1.11 (#15030)
dependabot[bot] Jun 18, 2026
2576607
feat(ui): fold Finding Groups under Findings in the sidebar (#15040)
ksitton58 Jun 18, 2026
8d27bd1
fix: prevent TypeError in clean_tags when parsers emit None tags (#15…
stevewallone Jun 18, 2026
2b2ea99
Update versions in application files
Jun 22, 2026
b784ca2
Merge branch 'dev' into master-into-dev/3.0.100-3.1.0-dev
rossops Jun 22, 2026
85db914
Merge pull request #15055 from DefectDojo/master-into-dev/3.0.100-3.1…
rossops Jun 22, 2026
c608eef
fix(ui): use brand color tokens instead of hardcoded hex in new UI (#…
ksitton58 Jun 22, 2026
e780723
refactor(ui): use design tokens instead of hardcoded colors on new lo…
ksitton58 Jun 22, 2026
02b622c
chore(deps): update docker/setup-buildx-action action from v4.0.0 to …
renovate[bot] Jun 23, 2026
71ebb3a
chore(deps): bump json-log-formatter from 1.1.1 to 1.2.1 (#14994)
dependabot[bot] Jun 23, 2026
bddd631
chore(deps): bump django-permissions-policy from 4.30.0 to 4.31.0 (#1…
dependabot[bot] Jun 23, 2026
fb57de2
update and optimize prefetcher (#14964)
dogboat Jun 23, 2026
57337b9
chore(deps): update dependency renovatebot/renovate from 43.141.6 to …
renovate[bot] Jun 23, 2026
5eb2fc4
Add Garak (NVIDIA LLM vulnerability scanner) parser (#15013)
Dashtid Jun 23, 2026
04f5269
Update valkey/valkey Docker tag from 9.0.4 to v9.1.0 (docker-compose.…
renovate[bot] Jun 23, 2026
f70eb57
chore(deps): update valkey docker tag from 0.20.2 to v0.22.1 (helm/de…
renovate[bot] Jun 24, 2026
76fcdb3
chore(deps): update azure/setup-helm action from v5.0.0 to v5.0.1 (.g…
renovate[bot] Jun 24, 2026
7ecb416
chore(deps): update dependency kubernetes from 1.33.12 to v1.33.13 (.…
renovate[bot] Jun 24, 2026
8508e2f
chore(deps): update python docker tag from 3.14.5 to v3.14.6 (dockerf…
renovate[bot] Jun 24, 2026
fa486c0
chore(deps): update softprops/action-gh-release action from v3.0.0 to…
renovate[bot] Jun 24, 2026
202250c
chore(deps-dev): bump django-debug-toolbar from 6.3.0 to 7.0.0 (#15071)
dependabot[bot] Jun 24, 2026
412978b
chore(deps): bump ruff from 0.15.16 to 0.15.19 (#15072)
dependabot[bot] Jun 24, 2026
42edc8f
chore(deps): bump django-environ from 0.13.0 to 0.14.0 (#15073)
dependabot[bot] Jun 24, 2026
eb68d69
chore(deps): bump redis from 8.0.0 to 8.0.1 (#15074)
dependabot[bot] Jun 24, 2026
b803c32
chore(deps): bump pdfmake from 0.3.10 to 0.3.11 in /components (#15075)
dependabot[bot] Jun 24, 2026
ee2b577
chore(deps): update actions/setup-python action from v6.2.0 to v6.3.0…
renovate[bot] Jun 24, 2026
4c50920
chore(deps): update dependency node from 24.16.0 to v24.18.0 (.github…
renovate[bot] Jun 24, 2026
600b3e7
chore(deps): update mccutchen/go-httpbin docker tag from 2.18.3 to v2…
renovate[bot] Jun 24, 2026
007df3b
chore(deps): update openapitools/openapi-generator-cli docker tag fro…
renovate[bot] Jun 24, 2026
f1cecef
Add XML support for Checkmarx CxFlow SAST parser
goutham-hari Jun 26, 2026
2 changes: 1 addition & 1 deletion .github/workflows/build-docker-images-for-testing.yml
Expand Up @@ -49,7 +49,7 @@ jobs:
run: echo "IMAGE_REPOSITORY=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0

- name: Build
id: docker_build
2 changes: 1 addition & 1 deletion .github/workflows/detect-merge-conflicts.yaml
Expand Up @@ -18,7 +18,7 @@ jobs:
- name: check if prs are conflicted
# we experience a high error rate so we allow this to fail but still have the check become green on the PR
continue-on-error: true
uses: eps1lon/actions-label-merge-conflict@1df065ebe6e3310545d4f4c4e862e43bdca146f0 # v3.0.3
uses: eps1lon/actions-label-merge-conflict@0273be72a0bbd58fcd71d0d6c02c209b50d1e5e1 # v3.1.0
with:
dirtyLabel: "conflicts-detected"
repoToken: "${{ secrets.GITHUB_TOKEN }}"
2 changes: 1 addition & 1 deletion .github/workflows/gh-pages.yml
Expand Up @@ -24,7 +24,7 @@ jobs:
- name: Setup Node
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version: '24.16.0' # TODO: Renovate helper might not be needed here - needs to be fully tested
node-version: '24.18.0' # TODO: Renovate helper might not be needed here - needs to be fully tested

- name: Cache dependencies
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
2 changes: 1 addition & 1 deletion .github/workflows/k8s-tests.yml
Expand Up @@ -18,7 +18,7 @@ jobs:
# are tested (https://kubernetes.io/releases/)
- k8s: 'v1.35.4' # renovate: datasource=github-releases depName=kubernetes/kubernetes versioning=loose
os: debian
- k8s: '1.33.12' # renovate: datasource=custom.endoflife-oldest-maintained depName=kubernetes
- k8s: '1.33.13' # renovate: datasource=custom.endoflife-oldest-maintained depName=kubernetes
os: debian
steps:
- name: Checkout
4 changes: 2 additions & 2 deletions .github/workflows/release-x-manual-docker-containers.yml
Expand Up @@ -52,7 +52,7 @@ jobs:
run: echo "DOCKER_ORG=$(echo ${GITHUB_REPOSITORY%%/*} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV

- name: Login to DockerHub
uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
Expand All @@ -64,7 +64,7 @@ jobs:

- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0

# we cannot set any tags here, those are set on the merged digest in release-x-manual-merge-container-digests.yml
- name: Build and push images
4 changes: 2 additions & 2 deletions .github/workflows/release-x-manual-helm-chart.yml
Expand Up @@ -62,7 +62,7 @@ jobs:
git config --global user.email "${{ env.GIT_EMAIL }}"

- name: Set up Helm
uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5.0.0
uses: azure/setup-helm@9bc31f4ebc9c6b171d7bfbaa5d006ae7abdb4310 # v5.0.1

- name: Configure HELM repos
run: |-
Expand All @@ -77,7 +77,7 @@ jobs:
echo "chart_version=$(ls build | cut -d '-' -f 2,3 | sed 's|\.tgz||')" >> $GITHUB_ENV

- name: Create release ${{ inputs.release_number }}
uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0
uses: softprops/action-gh-release@718ea10b132b3b2eba29c1007bb80653f286566b # v3.0.1
with:
name: '${{ inputs.release_number }} 🌈'
tag_name: ${{ inputs.release_number }}
Expand Up @@ -48,13 +48,13 @@ jobs:
merge-multiple: true

- name: Login to DockerHub
uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0

# the alpine and debian images are tagged with the os name
- name: Create OS specific manifest list and push
4 changes: 2 additions & 2 deletions .github/workflows/release-x-manual-tag-as-latest.yml
Expand Up @@ -37,13 +37,13 @@ jobs:
run: echo "DOCKER_ORG=$(echo ${GITHUB_REPOSITORY%%/*} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV

- name: Login to DockerHub
uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0

- name: Tag with latest tags
run: |
2 changes: 1 addition & 1 deletion .github/workflows/renovate.yaml
Expand Up @@ -21,4 +21,4 @@ jobs:
uses: suzuki-shunsuke/github-action-renovate-config-validator@ee9f69e1f683ed0d08225086482b34fc9abe9300 # v2.1.0
with:
strict: "true"
validator_version: 43.141.6 # renovate: datasource=github-releases depName=renovatebot/renovate
validator_version: 43.240.0 # renovate: datasource=github-releases depName=renovatebot/renovate
8 changes: 4 additions & 4 deletions .github/workflows/test-helm-chart.yml
Expand Up @@ -20,9 +20,9 @@ jobs:
fetch-depth: 0

- name: Set up Helm
uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5.0.0
uses: azure/setup-helm@9bc31f4ebc9c6b171d7bfbaa5d006ae7abdb4310 # v5.0.1

- uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
- uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0
with:
python-version: 3.14 # Renovate helper is not needed here

Expand Down Expand Up @@ -155,7 +155,7 @@ jobs:
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3

- name: Generate values schema json
uses: losisin/helm-values-schema-json-action@39cdf80504f6c95ad3c4f317e2135e2509ea56bb # v3
uses: losisin/helm-values-schema-json-action@cfefdf4241da6dbe17f3378e3cd0e863d4a4c3c8 # v3
with:
fail-on-diff: true
working-directory: "helm/defectdojo"
Expand All @@ -178,7 +178,7 @@ jobs:
fetch-depth: 0

- name: Set up Helm
uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5.0.0
uses: azure/setup-helm@9bc31f4ebc9c6b171d7bfbaa5d006ae7abdb4310 # v5.0.1

- name: Configure Helm repos
run: |-
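Review bot: The `losisin/helm-values-schema-json-action` pin in the "Generate values schema json" step gets a new commit SHA, but its trailing comment still reads `# v3`, so the line does not record which release that commit belongs to. The other pinned actions in this file name an exact version (`# v5.0.1`, `# v6.3.0`, `# v6.0.3`), which lets a reviewer compare the SHA with the upstream release tag; a major tag such as `v3` can be moved, so it gives nothing stable to compare against. I would put the exact release in the comment, e.g. `# v3.X.Y` with the real version filled in (the target version is truncated on this page).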
2 changes: 1 addition & 1 deletion .github/workflows/validate_docs_build.yml
Expand Up @@ -19,7 +19,7 @@ jobs:
- name: Setup Node
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version: '24.16.0' # TODO: Renovate helper might not be needed here - needs to be fully tested
node-version: '24.18.0' # TODO: Renovate helper might not be needed here - needs to be fully tested

- name: Cache dependencies
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
2 changes: 1 addition & 1 deletion Dockerfile.django-debian
Expand Up @@ -5,7 +5,7 @@
# Dockerfile.nginx to use the caching mechanism of Docker.

# Ref: https://devguide.python.org/#branchstatus
FROM python:3.14.5-slim-trixie@sha256:c845af9399020c7e562969a13689e929074a10fd057acd1b1fad06a2fb068e97 AS base
FROM python:3.14.6-slim-trixie@sha256:63a4c7f612a00f92042cbdcc7cdc6a306f38485af0a200b9c89de7d9b1607d15 AS base
FROM base AS build
WORKDIR /app
RUN \
4 changes: 2 additions & 2 deletions Dockerfile.integration-tests-debian
@@ -1,9 +1,9 @@

# code: language=Dockerfile

FROM openapitools/openapi-generator-cli:v7.22.0@sha256:1f459499a7c794aa0ea769c3c9b0eb54806c5ad2f68510a0ebb9338d0a626ced AS openapitools
FROM openapitools/openapi-generator-cli:v7.23.0@sha256:5ffccd3b0d4ac57eac443e1c9b3e2f2bb7f0a21ffe6c6701f3690d7edc78bf2d AS openapitools
# currently only supports x64, no arm yet due to chrome and selenium dependencies
FROM python:3.14.5-slim-trixie@sha256:c845af9399020c7e562969a13689e929074a10fd057acd1b1fad06a2fb068e97 AS build
FROM python:3.14.6-slim-trixie@sha256:63a4c7f612a00f92042cbdcc7cdc6a306f38485af0a200b9c89de7d9b1607d15 AS build
WORKDIR /app
RUN \
apt-get -y update && \
4 changes: 2 additions & 2 deletions components/package.json
@@ -1,6 +1,6 @@
{
"name": "defectdojo",
"version": "3.0.100",
"version": "3.1.0-dev",
"license": "BSD-3-Clause",
"private": true,
"dependencies": {
Expand Down Expand Up @@ -39,7 +39,7 @@
"metismenu": "~3.0.7",
"moment": "^2.30.1",
"morris.js": "morrisjs/morris.js",
"pdfmake": "^0.3.8",
"pdfmake": "^0.3.11",
"startbootstrap-sb-admin-2": "1.0.7"
},
"devDependencies": {