Draft
806 commits
24381c0
Merge branch 'dev' into master-into-dev/2.58.1-2.59.0-dev
Maffooch May 6, 2026
01f2589
Merge pull request #14829 from DefectDojo/master-into-bugfix/2.58.1-2…
Maffooch May 6, 2026
1c2f4ec
Merge pull request #14830 from DefectDojo/master-into-dev/2.58.1-2.59…
Maffooch May 6, 2026
aa19631
Update valkey Docker tag from 0.20.0 to v0.20.1 (helm/defectdojo/Char…
renovate[bot] May 7, 2026
510e69b
Update losisin/helm-docs-github-action action from v1.8.0 to v2 (.git…
renovate[bot] May 7, 2026
9656a93
Update actions/labeler action from v6.0.1 to v6.1.0 (.github/workflow…
renovate[bot] May 7, 2026
e5a017b
Update losisin/helm-values-schema-json-action action from v2.5.0 to v…
renovate[bot] May 7, 2026
c808e3f
chore(deps): bump easymde from 2.20.0 to 2.21.0 in /components (#14817)
dependabot[bot] May 7, 2026
7cb2cf3
chore(deps): bump pyopenssl from 26.1.0 to 26.2.0 (#14818)
dependabot[bot] May 7, 2026
8177bcc
chore(deps): bump django-polymorphic from 4.11.2 to 4.11.3 (#14821)
dependabot[bot] May 7, 2026
81936b0
chore(deps): bump psycopg from 3.3.3 to 3.3.4 (#14822)
dependabot[bot] May 7, 2026
f8ca4a1
chore(deps): bump gitpython from 3.1.49 to 3.1.50 (#14823)
dependabot[bot] May 7, 2026
2e12838
chore(deps): bump drf-spectacular-sidecar from 2026.4.14 to 2026.5.1 …
dependabot[bot] May 7, 2026
5244e7a
chore(deps): bump social-auth-app-django from 5.8.0 to 5.9.0 (#14826)
dependabot[bot] May 7, 2026
bd1a39b
Update changelog for May 2026 release (v2.58.0) (#14807)
Maffooch May 7, 2026
76a2323
test: pin query-count baselines for tag inheritance hot paths (#14811)
valentijnscholten May 7, 2026
5deca76
Update valkey/valkey Docker tag from 9.0.3 to v9.0.4 (docker-compose.…
renovate[bot] May 7, 2026
3b4bcde
perf(dupe-delete): use bulk_delete_findings + correlated subquery in …
valentijnscholten May 7, 2026
e6ca9c5
add russian lang (#14799)
polishchukd May 7, 2026
f1e7025
test: add background param to import all unit tests command (#14805)
valentijnscholten May 7, 2026
450a683
cascade delete: prepare preview_only parameter (#14810)
valentijnscholten May 8, 2026
b70c293
:tada: add ksa security advisory (#14809)
manuel-sommer May 8, 2026
79f58ec
Add mitigation finding filters and complete mitigation filter tests (…
bendnema May 8, 2026
6788368
perf(tags): bulk-propagate inherited tags + gate child post_save on c…
valentijnscholten May 8, 2026
7ac0d9d
perf(tags): centralize tag inheritance + replace signal disconnect wi…
valentijnscholten May 8, 2026
6e4a324
feat(parsers): add Xygeni JSON parser (SAST, SCA, Secrets) (#14769)
lmrb-1968 May 8, 2026
817a36c
remove: questionnaire API endpoints (2.56 deprecation, 2.59 EOL) (#14…
Maffooch May 8, 2026
f50bb18
remove: Stub Findings (2.57 deprecation, 2.59 EOL) (#14837)
Maffooch May 8, 2026
04c3d89
Use a dedicated permission class for BurpRawRequestResponseViewSet (#…
Maffooch May 8, 2026
b681610
remove: Credential Manager (2.57 deprecation, 2.59 EOL) (#14836)
Maffooch May 8, 2026
558a3d2
feat(importers): apply import-time tags per batch before post-process…
valentijnscholten May 8, 2026
5850438
chore(deps): bump django from 5.2.13 to 5.2.14 (#14843)
dependabot[bot] May 9, 2026
61ff259
chore(deps): bump @babel/plugin-transform-modules-systemjs in /docs (…
dependabot[bot] May 9, 2026
66d2db6
chore(deps): bump django from 5.2.13 to 5.2.14 (#14846)
dependabot[bot] May 11, 2026
1101980
chore(deps): bump gitpython from 3.1.49 to 3.1.50 (#14845)
dependabot[bot] May 11, 2026
caac66b
[docs] locations (pro feature), maintenance (#14834)
paulOsinski May 11, 2026
effec9c
Update versions in application files
May 11, 2026
6eab873
Merge pull request #14850 from DefectDojo/release/2.58.2
rossops May 11, 2026
57252a2
Update versions in application files
May 11, 2026
59c7ada
Update versions in application files
May 11, 2026
aa5eb7d
Merge branch 'dev' into master-into-dev/2.58.2-2.59.0-dev
rossops May 11, 2026
135dc08
Merge pull request #14852 from DefectDojo/master-into-dev/2.58.2-2.59…
rossops May 11, 2026
bca9cc4
Merge pull request #14851 from DefectDojo/master-into-bugfix/2.58.2-2…
rossops May 11, 2026
7d05ba1
docs: Add Components page and glossary entry (#14840)
Jino-T May 11, 2026
966e34e
:zap: speed up migrate_endpoints_to_locations (~14× fewer queries) (#…
Maffooch May 11, 2026
5919caa
chore(deps): bump urllib3 from 2.6.3 to 2.7.0 (#14853)
dependabot[bot] May 12, 2026
5d5fa3e
Fix URLs and expand Lychee coverage (#14855)
Maffooch May 12, 2026
c851b98
[docs] update changelog for v2.58.2 release notes (#14854)
Maffooch May 12, 2026
0b62f8b
update saml docs with examples
paulOsinski May 13, 2026
d430bac
Update peaceiris/actions-gh-pages action from v4.0.0 to v4.1.0 (.gith…
renovate[bot] May 13, 2026
5598238
chore(deps): bump pdfmake from 0.3.7 to 0.3.8 in /components (#14862)
dependabot[bot] May 13, 2026
0b8a4f9
chore(deps): bump requests from 2.33.1 to 2.34.0 (#14861)
dependabot[bot] May 13, 2026
f99945b
Update release-drafter/release-drafter action from v7.2.1 to v7.3.0 (…
renovate[bot] May 13, 2026
2bcb41b
Update python:3.13.13-slim-trixie Docker digest from 3.13.13 to v (Do…
renovate[bot] May 13, 2026
db1932c
Update peaceiris/actions-hugo action from v3.0.0 to v3.2.1 (.github/w…
renovate[bot] May 13, 2026
b41f5b7
rename CLAUDE.md to AGENTS.md
valentijnscholten May 14, 2026
039ad0e
new user creation workflows
paulOsinski May 14, 2026
f719f7a
update force active/verified docs
paulOsinski May 14, 2026
324ee8e
adjust deduplication for engagements
paulOsinski May 14, 2026
0f76e56
update uparser docs
paulOsinski May 14, 2026
5d963ab
Add docs for Products and Assets
dangoelz May 14, 2026
716f908
remove gitpython, the single (unused) test that uses it, and referenc…
dogboat May 14, 2026
952a56d
Tailwind UI rebuild, legacy authorization, OS surface removals (#14865)
devGregA May 14, 2026
d342779
Update link for asset nesting examples
paulOsinski May 15, 2026
ab11f66
Anchor location finding reference authorization to the finding's own …
Maffooch May 15, 2026
b50728e
Scope report views to the requesting user's authorized products (#14870)
Maffooch May 15, 2026
de61f86
Apply object-level permission check to finding duplicate API actions …
Maffooch May 15, 2026
00e4e48
Update valkey Docker tag from 0.20.1 to v0.20.2 (helm/defectdojo/Char…
renovate[bot] May 15, 2026
1e59c8d
Expose created/updated date filters for Risk Acceptance API (created_…
PDFour4 May 15, 2026
ec4fbb7
Merge pull request #14873 from valentijnscholten/chore/claude-md-agen…
rossops May 18, 2026
a4cdbb9
Merge pull request #14880 from paulOsinski/may-docs
rossops May 18, 2026
c6009ad
Merge pull request #14876 from dangoelz/products/assets
rossops May 18, 2026
cd38182
Update versions in application files
May 18, 2026
ea61111
Merge pull request #14885 from DefectDojo/release/2.58.3
rossops May 18, 2026
87651ca
Update versions in application files
May 18, 2026
ae85ca8
Update versions in application files
May 18, 2026
e06ceac
Merge branch 'dev' into master-into-dev/2.58.3-2.59.0-dev
Maffooch May 18, 2026
9971c19
Add missing imports for permissions and authorized endpoints in repor…
Maffooch May 18, 2026
ae9515b
Merge pull request #14886 from DefectDojo/master-into-bugfix/2.58.3-2…
rossops May 18, 2026
ccc265e
Mirror Reader Product_Member rows into authorized_users in tests
Maffooch May 18, 2026
827c597
Merge pull request #14887 from DefectDojo/master-into-dev/2.58.3-2.59…
Maffooch May 18, 2026
d4fa622
Merge pull request #14675 from balaakasam/docs/improve-snyk-documenta…
balaakasam May 19, 2026
e1f2163
Update python Docker tag from 3.13.13 to v3.14.5 (Dockerfile.nginx-al…
renovate[bot] May 19, 2026
af09da2
Update dependency kubernetes from 1.33.11 to v1.33.12 (.github/workfl…
renovate[bot] May 20, 2026
808726e
:bug: fix cyclonedx missing vector field #14874 (#14884)
manuel-sommer May 20, 2026
bac558e
Update postgres Docker tag from 18.3 to v18.4 (docker-compose.yml)
renovate[bot] May 20, 2026
715d4e1
refactor: rename dispatch kwarg sync= to force_sync= (#14882)
valentijnscholten May 20, 2026
7e381f5
Fix SARIF parser crash on empty extensions
kleomartiny May 20, 2026
af7a095
Rename title to 'Open-Source Permissions'
paulOsinski May 20, 2026
bb1e710
chore(deps): bump ruff from 0.15.12 to 0.15.13 (#14899)
dependabot[bot] May 20, 2026
e835f16
Fix ruff linting quotes
kleomartiny May 20, 2026
52c8dda
chore(deps): bump requests from 2.34.0 to 2.34.2 (#14900)
dependabot[bot] May 20, 2026
004360d
chore(deps): bump alpinejs from 3.15.11 to 3.15.12 in /components (#1…
dependabot[bot] May 20, 2026
bfb33f3
chore(deps): bump vulners from 3.1.9 to 3.1.10 (#14901)
dependabot[bot] May 20, 2026
8728746
chore(deps): bump lxml from 6.1.0 to 6.1.1 (#14903)
dependabot[bot] May 20, 2026
b02ffb7
chore(deps-dev): bump @tailwindcss/cli in /components (#14904)
dependabot[bot] May 20, 2026
33b32ea
chore(deps): bump django-htmx from 1.21.0 to 1.27.0 (#14907)
dependabot[bot] May 20, 2026
80974b3
chore(deps): bump django-permissions-policy from 4.29.0 to 4.30.0 (#1…
dependabot[bot] May 20, 2026
968cc5d
perf(tag inheritance): batch_mode + per-batch bulk during import + re…
valentijnscholten May 20, 2026
65a1608
Update python:3.14.5-slim-trixie Docker digest from 3.14.5 to 3.14.5-…
renovate[bot] May 22, 2026
08d5d34
Add pt-BR locale translation
GraoMelo May 24, 2026
37fb251
Update versions in application files
May 26, 2026
5b1d60e
Merge pull request #14913 from DefectDojo/release/2.58.4
rossops May 26, 2026
2843745
Update versions in application files
May 26, 2026
9cbff68
Update versions in application files
May 26, 2026
dd0681d
Merge branch 'dev' into master-into-dev/2.58.4-2.59.0-dev
rossops May 26, 2026
ae0ea54
Merge pull request #14915 from DefectDojo/master-into-bugfix/2.58.4-2…
rossops May 26, 2026
f75fe15
Merge pull request #14914 from DefectDojo/master-into-dev/2.58.4-2.59…
rossops May 26, 2026
4b0d5dd
chore(deps): bump pyjwt from 2.12.1 to 2.13.0
dependabot[bot] May 27, 2026
4eef1c4
chore(deps): bump django-prometheus from 2.4.1 to 2.5.0
dependabot[bot] May 27, 2026
d8555ea
docs: add 2.58.3 and 2.58.4 release notes to Pro changelog
Maffooch May 27, 2026
86ec975
Update manusa/actions-setup-minikube action from v2.16.1 to v2.18.0 (…
renovate[bot] May 29, 2026
6e6706f
Merge pull request #14921 from DefectDojo/dependabot/pip/dev/django-p…
rossops Jun 1, 2026
5f95199
Merge pull request #14926 from DefectDojo/docs/changelog-2.58.3-2.58.4
rossops Jun 1, 2026
8e88ab1
Merge pull request #14919 from DefectDojo/dependabot/pip/dev/pyjwt-2.…
rossops Jun 1, 2026
6c4bdd8
Merge pull request #14909 from GraoMelo/feat/pt-br-translation-10288
rossops Jun 1, 2026
a35aecf
Merge pull request #14908 from DefectDojo/os-perms-docs
rossops Jun 1, 2026
e7e0301
Merge pull request #14895 from DefectDojo/renovate/python-3.14.5-slim…
rossops Jun 1, 2026
a19d13e
Merge pull request #14894 from DefectDojo/renovate/postgres-18.x
rossops Jun 1, 2026
8b9a769
Merge pull request #14893 from DefectDojo/renovate/manusa-actions-set…
rossops Jun 1, 2026
758be64
Merge pull request #14891 from DefectDojo/renovate/kubernetes-1.33.x
rossops Jun 1, 2026
153ea42
Merge pull request #14898 from kleomartiny/kleomartiny-patch-1
rossops Jun 1, 2026
8641c20
Merge branch 'dev' into bugfix
rossops Jun 1, 2026
f69b0f2
perf(watson): prefetch relations + force async indexing (#14881)
valentijnscholten Jun 1, 2026
f113c70
Merge pull request #14936 from DefectDojo/bugfix
rossops Jun 1, 2026
9c2cb8c
Update versions in application files
Jun 1, 2026
706b9d5
Merge pull request #14937 from DefectDojo/release/2.59.0
rossops Jun 1, 2026
75d7f62
Update versions in application files
Jun 1, 2026
63a6390
Update versions in application files
Jun 1, 2026
b0db983
Merge pull request #14938 from DefectDojo/master-into-dev/2.59.0-2.60…
rossops Jun 1, 2026
3547ece
Merge pull request #14939 from DefectDojo/master-into-bugfix/2.59.0-2…
rossops Jun 1, 2026
dd70ad8
chore(deps): bump ruff from 0.15.13 to 0.15.14 (#14929)
manuel-sommer Jun 2, 2026
fe6a870
chore(deps): update dependency node from 24.15.0 to v24.16.0 (.github…
renovate[bot] Jun 3, 2026
1e86280
chore(deps): update docker/build-push-action action from v7.1.0 to v7…
renovate[bot] Jun 3, 2026
5646524
chore(deps): bump drf-spectacular-sidecar from 2026.5.1 to 2026.6.1
dependabot[bot] Jun 4, 2026
5ce0657
chore(deps): bump django-polymorphic from 4.11.3 to 4.11.5 (#14957)
dependabot[bot] Jun 5, 2026
c1b7b8a
feat(parser): set fix_available on GitHub Vulnerability findings (#14…
jsayerascb Jun 5, 2026
2da6cb6
Check statusCategory instead of the resolution field for Jira issue s…
derda17 Jun 5, 2026
ea9bd4f
chore(deps): update release-drafter/release-drafter action from v7.3.…
renovate[bot] Jun 5, 2026
98e801a
chore(deps): update actions/checkout action from v6.0.2 to v6.0.3 (.g…
renovate[bot] Jun 5, 2026
c08db32
feat(parsers): add Alert Logic CSV parser (#14930)
skywalke34 Jun 5, 2026
74a525e
feat: allow users to request peer review from themselves (#14946)
valentijnscholten Jun 5, 2026
bae53d1
Preserve verified flag when promoting duplicate to new original (#14934)
valentijnscholten Jun 5, 2026
136f54f
Prevent reimport from reactivating duplicate findings as active/verif…
valentijnscholten Jun 5, 2026
75e7834
fix(dependency_check): fold related dependency paths into description…
valentijnscholten Jun 5, 2026
51f9261
fix: guard filter snippet include when no form passed to metrics temp…
valentijnscholten Jun 5, 2026
68a272f
Fix for GHSA-w2j3-x3j3-mm43 (#14952)
dogboat Jun 5, 2026
d8074fc
chore(deps): bump ruff from 0.15.14 to 0.15.15 (#14959)
dependabot[bot] Jun 8, 2026
23c249e
Merge pull request #14955 from DefectDojo/dependabot/pip/dev/drf-spec…
rossops Jun 8, 2026
43bfc0d
Merge pull request #14951 from DefectDojo/renovate/docker-build-push-…
rossops Jun 8, 2026
a5b254a
Merge pull request #14950 from DefectDojo/renovate/node-24.x
rossops Jun 8, 2026
9f6c826
chore(deps): bump redis from 7.4.0 to 8.0.0 (#14958)
dependabot[bot] Jun 8, 2026
2799d2b
chore(deps): update actions/stale action from v10.2.0 to v10.3.0 (.gi…
renovate[bot] Jun 8, 2026
daf6d57
test(perf): re-enable import performance tests with recalibrated quer…
valentijnscholten Jun 8, 2026
8178281
test(perf): re-enable import performance tests with recalibrated quer…
valentijnscholten Jun 8, 2026
614a10b
fix(ui): add missing "solid" keyword to disclaimer border in new UI
ksitton58 Jun 11, 2026
589f084
chore(deps): bump sqlalchemy from 2.0.49 to 2.0.50 (#14918)
dependabot[bot] Jun 15, 2026
d9d4fa6
chore(deps): update gcr.io/cloudsql-docker/gce-proxy docker tag from …
renovate[bot] Jun 15, 2026
004b3cd
updates to endpoint status update
dogboat Jun 15, 2026
b171c5c
prevent changing endpoint/finding on existing objects
dogboat Jun 15, 2026
4e5b4b5
Add release notes for upgrading to DefectDojo Version 3.0.x (#15010)
Maffooch Jun 15, 2026
f086fd6
Enable v3 functionality and organization/asset relabeling by default …
Maffooch Jun 15, 2026
e6da78b
Refactor removal of deprecated features while preserving database sta…
Maffooch Jun 15, 2026
e392bd8
fix: update app version to 2.59.0 and adjust artifacthub annotations;…
Maffooch Jun 15, 2026
4323712
Merge branch 'dev' into bugfix
Maffooch Jun 15, 2026
a48a4fa
Merge pull request #15014 from DefectDojo/bugfix
Maffooch Jun 15, 2026
90ff9c1
Merge pull request #15015 from dogboat/location-ui-updates
dogboat Jun 15, 2026
2b2b255
Update versions in application files
Jun 15, 2026
b10ecf8
Merge pull request #15017 from DefectDojo/release/3.0.0
Maffooch Jun 15, 2026
14ea3de
Update versions in application files
Jun 15, 2026
cc0afa9
Update versions in application files
Jun 15, 2026
3faa652
chore: remove v2.59 release notes and update changelog for v3.0
Maffooch Jun 15, 2026
01e8e14
Merge pull request #15019 from DefectDojo/master-into-bugfix/3.0.0-3.…
Maffooch Jun 15, 2026
b31cf9a
Merge pull request #15020 from DefectDojo/master-into-dev/3.0.0-3.1.0…
Maffooch Jun 15, 2026
eab1363
Added global required fields notice for WCAG H90 compliance (#14962)
sym9 Jun 16, 2026
dbea165
[docs] june wk 1 maintenance (#14963)
paulOsinski Jun 16, 2026
b411197
chore(deps): bump esbuild and vite in /docs (#15004)
dependabot[bot] Jun 16, 2026
7d63bb8
fix(findings): resolve single-location filter against Location model …
skywalke34 Jun 17, 2026
f2105ef
fix: prevent 500 on org/product delete with deprecated endpoints, and…
Maffooch Jun 17, 2026
119d5a6
enhance api permission checks for updates (#15034)
dogboat Jun 17, 2026
f7a3d38
Update versions in application files
Jun 17, 2026
bfd4261
Merge pull request #15035 from DefectDojo/release/3.0.1
Maffooch Jun 17, 2026
e8ee0b3
fix(findings): normalize blank components to NULL (SC-13073)
Maffooch Jun 17, 2026
46a77e8
Update versions in application files
Jun 17, 2026
50d28ac
Update versions in application files
Jun 17, 2026
f2aaff5
Merge branch 'dev' into master-into-dev/3.0.1-3.1.0-dev
Maffooch Jun 17, 2026
0fce166
Merge pull request #15037 from DefectDojo/master-into-dev/3.0.1-3.1.0…
Maffooch Jun 17, 2026
5bf3274
Merge pull request #15036 from DefectDojo/master-into-bugfix/3.0.1-3.…
Maffooch Jun 17, 2026
5fd73ac
perf(importers): batch Vulnerability_Id inserts (#14966)
valentijnscholten Jun 17, 2026
8ef84e3
perf(importers): batch BurpRawRequestResponse inserts + re-enable per…
valentijnscholten Jun 17, 2026
751f757
Stabilize flaky notification-webhook integration test
Maffooch Jun 18, 2026
1c3f265
Update postgres:18.4-alpine Docker digest from 18.4 to 18.4-alpine (d…
renovate[bot] Jun 18, 2026
add3c9a
chore(deps): update docker/login-action action from v4.1.0 to v4.2.0 …
renovate[bot] Jun 18, 2026
5d5b1c5
chore(deps): update eps1lon/actions-label-merge-conflict action from …
renovate[bot] Jun 18, 2026
1ced735
chore(deps): update mccutchen/go-httpbin docker tag from 2.22.1 to v2…
renovate[bot] Jun 18, 2026
1e31c5e
Merge branch 'bugfix' into endpoint-status-updates
dogboat Jun 18, 2026
c38a57e
chore(deps): bump ruff from 0.15.15 to 0.15.16 (#14995)
dependabot[bot] Jun 18, 2026
cac9a83
fix(findings): chunk blank-component normalization migration
Maffooch Jun 18, 2026
d58ab66
chore(deps): bump pdfmake from 0.3.8 to 0.3.10 in /components (#14996)
dependabot[bot] Jun 18, 2026
ec00514
chore(deps-dev): bump vcrpy from 8.1.1 to 8.2.1 (#15028)
dependabot[bot] Jun 18, 2026
4588b20
perf(migrations): bulk backfill in 0268 release_authorization_to_pro
Maffooch Jun 18, 2026
e92a054
chore(deps): bump sqlalchemy from 2.0.50 to 2.0.51 (#15025)
dependabot[bot] Jun 18, 2026
eada00c
Update losisin/helm-values-schema-json-action digest from v3.0.1 to v…
renovate[bot] Jun 18, 2026
72300a6
chore(deps-dev): bump @tailwindcss/cli in /components (#15031)
dependabot[bot] Jun 18, 2026
f08d09f
chore(deps): bump vulners from 3.1.10 to 3.1.11 (#15030)
dependabot[bot] Jun 18, 2026
877296d
feat(govulncheck): add Govulncheck Scanner V2 parser
valentijnscholten Jun 18, 2026
438dc33
feat(cargo-audit): parse CVSS vectors and derive severity (SC-13140) …
Maffooch Jun 18, 2026
e4ce5ca
feat(parsers): add PICUS Breach and Attack Simulation CSV parser (#14…
skywalke34 Jun 18, 2026
eeff46d
test(perf): always run both v2 and v3 importer perf cases (#15042)
valentijnscholten Jun 18, 2026
2576607
feat(ui): fold Finding Groups under Findings in the sidebar (#15040)
ksitton58 Jun 18, 2026
8d27bd1
fix: prevent TypeError in clean_tags when parsers emit None tags (#15…
stevewallone Jun 18, 2026
7f37f0b
docs: add DefectDojo Pro Report Builder guides (UI, API, LLM) (#15008)
skywalke34 Jun 18, 2026
4a190df
chore(deps-dev): bump vcrpy from 8.1.1 to 8.2.1 (#15047)
dependabot[bot] Jun 22, 2026
d403b12
Merge pull request #15012 from dogboat/endpoint-status-updates
rossops Jun 22, 2026
850f77c
Merge pull request #15043 from DefectDojo/flaky-webhook-integration-test
rossops Jun 22, 2026
2738cad
Merge pull request #15045 from valentijnscholten/govulncheck-parser-v2
rossops Jun 22, 2026
1289084
Merge pull request #15001 from ksitton58/fix/new-ui-disclaimer-border…
rossops Jun 22, 2026
0a1f3fb
Merge pull request #15038 from DefectDojo/bugfix-13073-component-none
rossops Jun 22, 2026
c81667f
Merge pull request #15044 from DefectDojo/perf/0268-bulk-backfill-aut…
rossops Jun 22, 2026
fb29d5a
Fixing gha for new versioning scheme
rossops Jun 22, 2026
ffeefa1
Merge pull request #15052 from DefectDojo/ree/fix_gha_version
rossops Jun 22, 2026
e6efa6c
Update versions in application files
Jun 22, 2026
523d2f6
Merge pull request #15054 from DefectDojo/release/3.0.100
rossops Jun 22, 2026
2b2ea99
Update versions in application files
Jun 22, 2026
b784ca2
Merge branch 'dev' into master-into-dev/3.0.100-3.1.0-dev
rossops Jun 22, 2026
85db914
Merge pull request #15055 from DefectDojo/master-into-dev/3.0.100-3.1…
rossops Jun 22, 2026
c608eef
fix(ui): use brand color tokens instead of hardcoded hex in new UI (#…
ksitton58 Jun 22, 2026
e780723
refactor(ui): use design tokens instead of hardcoded colors on new lo…
ksitton58 Jun 22, 2026
02b622c
chore(deps): update docker/setup-buildx-action action from v4.0.0 to …
renovate[bot] Jun 23, 2026
71ebb3a
chore(deps): bump json-log-formatter from 1.1.1 to 1.2.1 (#14994)
dependabot[bot] Jun 23, 2026
bddd631
chore(deps): bump django-permissions-policy from 4.30.0 to 4.31.0 (#1…
dependabot[bot] Jun 23, 2026
fb57de2
update and optimize prefetcher (#14964)
dogboat Jun 23, 2026
57337b9
chore(deps): update dependency renovatebot/renovate from 43.141.6 to …
renovate[bot] Jun 23, 2026
5eb2fc4
Add Garak (NVIDIA LLM vulnerability scanner) parser (#15013)
Dashtid Jun 23, 2026
04f5269
Update valkey/valkey Docker tag from 9.0.4 to v9.1.0 (docker-compose.…
renovate[bot] Jun 23, 2026
f70eb57
chore(deps): update valkey docker tag from 0.20.2 to v0.22.1 (helm/de…
renovate[bot] Jun 24, 2026
76fcdb3
chore(deps): update azure/setup-helm action from v5.0.0 to v5.0.1 (.g…
renovate[bot] Jun 24, 2026
7ecb416
chore(deps): update dependency kubernetes from 1.33.12 to v1.33.13 (.…
renovate[bot] Jun 24, 2026
8508e2f
chore(deps): update python docker tag from 3.14.5 to v3.14.6 (dockerf…
renovate[bot] Jun 24, 2026
fa486c0
chore(deps): update softprops/action-gh-release action from v3.0.0 to…
renovate[bot] Jun 24, 2026
202250c
chore(deps-dev): bump django-debug-toolbar from 6.3.0 to 7.0.0 (#15071)
dependabot[bot] Jun 24, 2026
412978b
chore(deps): bump ruff from 0.15.16 to 0.15.19 (#15072)
dependabot[bot] Jun 24, 2026
42edc8f
chore(deps): bump django-environ from 0.13.0 to 0.14.0 (#15073)
dependabot[bot] Jun 24, 2026
eb68d69
chore(deps): bump redis from 8.0.0 to 8.0.1 (#15074)
dependabot[bot] Jun 24, 2026
b803c32
chore(deps): bump pdfmake from 0.3.10 to 0.3.11 in /components (#15075)
dependabot[bot] Jun 24, 2026
ee2b577
chore(deps): update actions/setup-python action from v6.2.0 to v6.3.0…
renovate[bot] Jun 24, 2026
4c50920
chore(deps): update dependency node from 24.16.0 to v24.18.0 (.github…
renovate[bot] Jun 24, 2026
600b3e7
chore(deps): update mccutchen/go-httpbin docker tag from 2.18.3 to v2…
renovate[bot] Jun 24, 2026
007df3b
chore(deps): update openapitools/openapi-generator-cli docker tag fro…
renovate[bot] Jun 24, 2026
f1cecef
Add XML support for Checkmarx CxFlow SAST parser
goutham-hari Jun 26, 2026
7 changes: 4 additions & 3 deletions .dryrunsecurity.yaml
Expand Up @@ -14,7 +14,8 @@ sensitiveCodepaths:
- 'dojo/group/*.py'
- 'dojo/importers/*.py'
- 'dojo/importers/**/*.py'
- 'dojo/jira_link/*.py'
- 'dojo/jira/*.py'
- 'dojo/jira/**/*.py'
- 'dojo/metrics/*.py'
- 'dojo/note_type/*.py'
- 'dojo/notes/*.py'
Expand All @@ -40,8 +41,8 @@ sensitiveCodepaths:
- 'dojo/middleware.py'
- 'dojo/models.py'
- 'dojo/okta.py'
- 'dojo/pipeline.py'
- 'dojo/remote_user.py'
- 'dojo/sso/pipeline.py'
- 'dojo/sso/remote_user.py'
- 'dojo/tasks.py'
- 'dojo/urls.py'
- 'dojo/utils.py'
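Review bot: the two SSO entries in this hunk, 'dojo/sso/pipeline.py' and 'dojo/sso/remote_user.py', are listed file by file, so any other module placed under dojo/sso/ would fall outside sensitiveCodepaths. The Jira entry in the previous hunk moved to globs ('dojo/jira/*.py' and 'dojo/jira/**/*.py'); using 'dojo/sso/*.py' and 'dojo/sso/**/*.py' here would keep new SSO code under review by default.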
14 changes: 14 additions & 0 deletions .gitattributes
@@ -0,0 +1,14 @@
# Normalize line endings to LF
*.sh text eol=lf
*.expect text eol=lf
*.py text eol=lf
*.yml text eol=lf
*.yaml text eol=lf
*.md text eol=lf

# Binary files — never touch line endings
*.png binary
*.jpg binary
*.gif binary
*.ico binary
*.pdf binary
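Review bot: only the extensions listed here are normalized, so extensionless shell entrypoints, Dockerfiles and other text files keep whatever line endings they were committed with. If the aim is to stop CRLF from breaking scripts inside containers, consider a leading `* text=auto` default with these lines kept as overrides, and note that files already in the tree are only rewritten by a `git add --renormalize .` commit.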
8 changes: 6 additions & 2 deletions .github/dependabot.yml
Expand Up @@ -3,7 +3,9 @@ updates:
- package-ecosystem: pip
directory: "/"
schedule:
interval: daily
interval: weekly
day: wednesday
time: "08:00"
open-pull-requests-limit: 10
target-branch: dev
ignore:
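Review bot: `time: "08:00"` is set without a `timezone`, so Dependabot reads it as UTC; add `timezone` if a local Wednesday morning is intended. The move from `interval: daily` to `interval: weekly`, here and in the npm block below, means a routine version bump can wait up to a week, so the PR description should say how urgent dependency fixes are expected to arrive outside this schedule.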
Expand All @@ -16,7 +18,9 @@ updates:
- package-ecosystem: npm
directory: "/components"
schedule:
interval: daily
interval: weekly
day: wednesday
time: "08:00"
open-pull-requests-limit: 10
target-branch: dev
ignore:
2 changes: 1 addition & 1 deletion .github/pull_request_template.md
Expand Up @@ -25,7 +25,7 @@ This checklist is for your information.
- [ ] Features/Changes should be submitted against the `dev`.
- [ ] Bugfixes should be submitted against the `bugfix` branch.
- [ ] Give a meaningful name to your PR, as it may end up being used in the release notes.
- [ ] Your code is flake8 compliant.
- [ ] Your code is Ruff compliant (see [ruff.toml](../ruff.toml)).
- [ ] Your code is python 3.13 compliant.
- [ ] If this is a new feature and not a bug fix, you've included the proper documentation in the docs at https://github.com/DefectDojo/django-DefectDojo/tree/dev/docs as part of this PR.
- [ ] Model changes must include the necessary migrations in the dojo/db_migrations folder.
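Review bot: the new checklist line links to `../ruff.toml`, a path relative to `.github/`, but the template text is rendered inside the pull request description, where that relative path is unlikely to resolve to the file. The documentation item two lines below it uses a full https://github.com/DefectDojo/django-DefectDojo/tree/dev/... URL; use the same absolute form for the ruff.toml link.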
6 changes: 4 additions & 2 deletions .github/renovate.json
@@ -1,7 +1,9 @@
{
"extends": [
"config:recommended"
"config:recommended",
"schedule:weekly"
],
"schedule": ["* * * * 3"],
"dependencyDashboard": true,
"dependencyDashboardApproval": false,
"baseBranchPatterns": ["dev"],
Expand All @@ -16,7 +18,7 @@
"dojo/components/yarn.lock",
"dojo/components/package.json"
],
"ignoreDeps": [],
"ignoreDeps": ["gohugoio/hugo"],
"packageRules": [{
"matchPackageNames": ["*"],
"commitMessageExtra": "from {{currentVersion}} to {{#if isMajor}}v{{{newMajor}}}{{else}}{{#if isSingleVersion}}v{{{newVersion}}}{{else}}{{{newValue}}}{{/if}}{{/if}}",
Expand Down
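Review bot: the first hunk of this file defines the schedule twice, once through the `schedule:weekly` preset added to `extends` and once through the explicit `"schedule": ["* * * * 3"]`. An explicit key overrides what a preset sets, so the preset has no effect; keep only one of the two so the intended day is unambiguous, and check that it lines up with the Wednesday slot chosen in .github/dependabot.yml.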
8 changes: 4 additions & 4 deletions .github/workflows/build-docker-images-for-testing.yml
Expand Up @@ -40,7 +40,7 @@ jobs:
echo $GITHUB_ENV

- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
with:
persist-credentials: false

Expand All @@ -49,11 +49,11 @@ jobs:
run: echo "IMAGE_REPOSITORY=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0

- name: Build
id: docker_build
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
timeout-minutes: 15
env:
DOCKER_BUILD_CHECKS_ANNOTATIONS: false
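Review bot: three of the bumps in this file cross a major version (docker/setup-buildx-action v3.12.0 to v4.1.0, docker/build-push-action v6.18.0 to v7.2.0, actions/upload-artifact v6.0.0 to v7.0.1) while the `with:` and `env:` blocks around them are unchanged. Please confirm against each action's release notes that the existing inputs are still accepted, and that each new SHA is the commit its trailing version comment names, since nothing verifies that comment.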
Expand All @@ -67,7 +67,7 @@ jobs:
# export docker images to be used in next jobs below
- name: Upload image ${{ matrix.docker-image }} as artifact
timeout-minutes: 15
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: built-docker-image-${{ matrix.docker-image }}-${{ matrix.os }}-${{ env.PLATFORM }}
path: ${{ matrix.docker-image }}-${{ matrix.os }}-${{ env.PLATFORM }}_img
4 changes: 2 additions & 2 deletions .github/workflows/cancel-outdated-workflow-runs.yml
Expand Up @@ -13,7 +13,7 @@ jobs:
runs-on: ubuntu-latest
timeout-minutes: 3
steps:
- uses: styfle/cancel-workflow-action@3155a141048f8f89c06b4cdae32e7853e97536bc # 0.13.0
- uses: styfle/cancel-workflow-action@d07a454dad7609a92316b57b23c9ccfd4f59af66 # 0.13.1
with:
workflow_id: 'integration-tests.yml,k8s-testing.yml,unit-tests.yml'
workflow_id: 'integration-tests.yml,k8s-tests.yml,unit-tests.yml,validate_docs_build.yml,test-helm-chart.yml,ruff.yml,shellcheck.yml'
access_token: ${{ github.token }}
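Review bot: `workflow_id` is a plain comma-separated string, and this hunk replaces 'k8s-testing.yml' with 'k8s-tests.yml', which suggests the old entry had stopped matching a workflow without anything flagging it. With seven names now in the list, including 'validate_docs_build.yml' whose underscores differ from the hyphenated names around it, please confirm each one matches a file in .github/workflows.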
4 changes: 2 additions & 2 deletions .github/workflows/close-stale.yml
Expand Up @@ -16,7 +16,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Close issues and PRs that are pending closure
uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1
uses: actions/stale@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899 # v10.3.0
with:
# Disable automatic stale marking - only close manually labeled items
days-before-stale: -1
Expand All @@ -27,7 +27,7 @@ jobs:
close-pr-message: 'This PR has been automatically closed because it was manually labeled as stale. If you believe this was closed in error, please reopen it and remove the stale label.'

- name: Close stale issues and PRs
uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1
uses: actions/stale@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899 # v10.3.0
with:
# Disable automatic stale marking - only close manually labeled items
days-before-stale: -1
2 changes: 1 addition & 1 deletion .github/workflows/detect-merge-conflicts.yaml
Expand Up @@ -18,7 +18,7 @@ jobs:
- name: check if prs are conflicted
# we experience a high error rate so we allow this to fail but still have the check become green on the PR
continue-on-error: true
uses: eps1lon/actions-label-merge-conflict@1df065ebe6e3310545d4f4c4e862e43bdca146f0 # v3.0.3
uses: eps1lon/actions-label-merge-conflict@0273be72a0bbd58fcd71d0d6c02c209b50d1e5e1 # v3.1.0
with:
dirtyLabel: "conflicts-detected"
repoToken: "${{ secrets.GITHUB_TOKEN }}"
4 changes: 2 additions & 2 deletions .github/workflows/fetch-oas.yml
Expand Up @@ -22,7 +22,7 @@ jobs:
file-type: [yaml, json]
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
with:
ref: release/${{ env.release_version }}
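Review bot: the Checkout step touched here has no `persist-credentials: false`, unlike the same step in build-docker-images-for-testing.yml. If nothing later in this job pushes with the checkout token, add it under `with:` next to `ref:` while the step is being edited.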

Expand Down Expand Up @@ -55,7 +55,7 @@ jobs:
run: docker compose down

- name: Upload oas.${{ matrix.file-type }} as artifact
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: oas-${{ matrix.file-type }}
path: oas.${{ matrix.file-type }}
16 changes: 8 additions & 8 deletions .github/workflows/gh-pages.yml
Expand Up @@ -16,33 +16,33 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Setup Hugo
uses: peaceiris/actions-hugo@75d2e84710de30f6ff7268e08f310b60ef14033f # v3.0.0
uses: peaceiris/actions-hugo@2752ce1d29631191ea3f27c23495fa06139a5b78 # v3.2.1
with:
hugo-version: '0.153.4' # renovate: datasource=github-releases depName=gohugoio/hugo
hugo-version: '0.153.4'
extended: true

- name: Setup Node
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version: '24.13.0' # TODO: Renovate helper might not be needed here - needs to be fully tested
node-version: '24.18.0' # TODO: Renovate helper might not be needed here - needs to be fully tested

- name: Cache dependencies
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-

- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
with:
submodules: recursive
fetch-depth: 0

- name: Setup Pages
id: pages
uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0
uses: actions/configure-pages@45bfe0192ca1faeb007ade9deae92b16b8254a0d # v6.0.0

- name: Install dependencies
run: cd docs && npm ci
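Review bot: The replacement `hugo-version: '0.153.4'` line drops the trailing `# renovate: datasource=github-releases depName=gohugoio/hugo` hint while the version itself is unchanged. If Renovate tracks this value through that comment, as the hinted lines in k8s-tests.yml suggest, Hugo will silently stop receiving update PRs; restore the comment unless the removal is deliberate, and say so in the commit message if it is. Separately, `actions/configure-pages` moves from v5.0.0 to v6.0.0 in the same hunk, a major bump that deserves a look at its release notes before merge.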
Expand All @@ -53,7 +53,7 @@ jobs:
HUGO_ENV: production
run: cd docs && hugo --minify --gc --config config/production/hugo.toml
- name: Deploy
uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0
uses: peaceiris/actions-gh-pages@84c30a85c19949d7eee79c4ff27748b70285e453 # v4.1.0
if: github.repository == 'DefectDojo/django-DefectDojo' # Deploy docs only in core repo, not in forks - it would just fail in fork
with: # publishes to the `gh-pages` branch by default
github_token: ${{ secrets.GITHUB_TOKEN }}
82 changes: 55 additions & 27 deletions .github/workflows/integration-tests.yml
Expand Up @@ -11,38 +11,66 @@ jobs:
strategy:
matrix:
test-case: [
"tests/finding_test.py",
"tests/report_builder_test.py",
"tests/notes_test.py",
"tests/regulations_test.py",
"tests/product_type_test.py",
"tests/product_test.py",
"openapi-validatator",
"tests/action_history_test.py",
"tests/alerts_test.py",
"tests/announcement_banner_test.py",
"tests/banner_test.py",
"tests/base_test_class.py",
"tests/benchmark_test.py",
"tests/calendar_test.py",
"tests/check_various_pages.py",
"tests/close_old_findings_dedupe_test.py",
"tests/close_old_findings_test.py",
"tests/dashboard_test.py",
"tests/dedupe_test.py",
"tests/endpoint_extended_test.py",
"tests/endpoint_test.py",
"tests/engagement_checklist_test.py",
"tests/engagement_export_test.py",
"tests/engagement_extended_test.py",
"tests/engagement_presets_test.py",
"tests/engagement_test.py",
"tests/environment_test.py",
"tests/test_test.py",
"tests/user_test.py",
"tests/group_test.py",
"tests/product_group_test.py",
"tests/product_type_group_test.py",
"tests/false_positive_history_test.py",
"tests/file_test.py",
"tests/finding_extended_test.py",
"tests/finding_group_test.py",
"tests/finding_test.py",
"tests/login_test.py",
"tests/metrics_extended_test.py",
"tests/note_type_test.py",
"tests/notes_test.py",
"tests/notification_webhook_test.py",
"tests/notifications_test.py",
"tests/object_test.py",
"tests/product_member_test.py",
"tests/product_metadata_test.py",
"tests/product_tag_metrics_test.py",
"tests/product_test.py",
"tests/product_type_member_test.py",
"tests/ibm_appscan_test.py",
"tests/product_type_test.py",
"tests/questionnaire_advanced_test.py",
"tests/questionnaire_test.py",
"tests/regulations_test.py",
"tests/reimport_scan_test.py",
"tests/report_builder_test.py",
"tests/risk_acceptance_test.py",
"tests/search_test.py",
"tests/file_test.py",
"tests/dedupe_test.py",
"tests/announcement_banner_test.py",
"tests/close_old_findings_dedupe_test.py",
"tests/close_old_findings_test.py",
"tests/false_positive_history_test.py",
"tests/check_various_pages.py",
# "tests/import_scanner_test.py",
# "tests/zap.py",
"tests/notifications_test.py",
"tests/sla_configuration_test.py",
"tests/system_settings_test.py",
"tests/test_copy_test.py",
"tests/test_test.py",
"tests/test_type_test.py",
"tests/threat_model_test.py",
"tests/tool_config.py",
"openapi-validatator",
"tests/tool_product_test.py",
"tests/tool_type_test.py",
"tests/user_profile_test.py",
"tests/user_test.py",
# "tests/zap.py",
]
os: [alpine, debian]
os: [debian]
v3_feature_locations: [true, false]
exclude:
# standalone create endpoint page is gone in v3
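Review bot: `os: [alpine, debian]` becomes `os: [debian]`, and since `DJANGO_VERSION: ${{ matrix.os }}` selects the image under test, the alpine variant no longer gets any integration coverage from this matrix. If alpine images are still built and published, keep at least a reduced set of test cases on alpine, or document that the variant is being retired. Also in the matrix, `tests/base_test_class.py` reads like the shared base class rather than a test module, so confirm it is meant to run as its own job. With the list now sorted, the commented-out `# "tests/zap.py"` entry and the `"openapi-validatator"` spelling are worth cleaning up or explaining while the block is being touched.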
Expand All @@ -54,11 +82,11 @@ jobs:

steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3

# load docker images from build jobs
- name: Load images from artifacts
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
path: built-docker-image
pattern: built-docker-image-*
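Review bot: `actions/download-artifact` jumps a major version here, v7.0.0 to v8.0.1, and this step depends on artifacts named `built-docker-image-*` that are uploaded by build jobs not shown in this file. The only `actions/upload-artifact` change visible in this diff goes to v7.0.1 (fetch-oas.yml), so check that the workflow producing these images uploads with a version the v8 downloader accepts and that the `pattern:` matching still behaves the same. The same bump appears in k8s-tests.yml.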
Expand All @@ -76,7 +104,7 @@ jobs:
run: ln -s docker-compose.override.integration_tests.yml docker-compose.override.yml

- name: Start Dojo
run: docker compose up --no-deps -d postgres nginx celerybeat celeryworker mailhog uwsgi valkey
run: docker compose up --no-deps -d postgres nginx celerybeat celeryworker mailhog uwsgi valkey webhook.endpoint
env:
DJANGO_VERSION: ${{ matrix.os }}
NGINX_VERSION: alpine
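Review bot: `webhook.endpoint` is added to a `docker compose up --no-deps` command, so the service must be defined in the compose file or in docker-compose.override.integration_tests.yml, neither of which is part of this hunk. Confirm the definition ships in the same change and that the image it uses is pinned to a version or digest, as the actions in this workflow are; otherwise every matrix job fails at this step or pulls a moving tag.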
12 changes: 6 additions & 6 deletions .github/workflows/k8s-tests.yml
Expand Up @@ -16,18 +16,18 @@ jobs:
# databases, broker and k8s are independent, so we don't need to test each combination
# lastest k8s version (https://kubernetes.io/releases/) and the oldest officially supported version
# are tested (https://kubernetes.io/releases/)
- k8s: 'v1.35.0' # renovate: datasource=github-releases depName=kubernetes/kubernetes versioning=loose
- k8s: 'v1.35.4' # renovate: datasource=github-releases depName=kubernetes/kubernetes versioning=loose
os: debian
- k8s: '1.32.11' # renovate: datasource=custom.endoflife-oldest-maintained depName=kubernetes
- k8s: '1.33.13' # renovate: datasource=custom.endoflife-oldest-maintained depName=kubernetes
os: debian
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3

- name: Setup Minikube
uses: manusa/actions-setup-minikube@b589f2d61bf96695c546929c72b38563e856059d # v2.14.0
uses: manusa/actions-setup-minikube@b65276017fdec6f1e6498129fb740e34e260dc55 # v2.18.0
with:
minikube version: 'v1.38.0' # renovate: datasource=github-releases depName=kubernetes/minikube
minikube version: 'v1.38.1' # renovate: datasource=github-releases depName=kubernetes/minikube
kubernetes version: ${{ matrix.k8s }}
driver: docker
start args: '--addons=ingress --cni calico'
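Review bot: The two matrix entries use different formats for the same input: `'v1.35.4'` carries a `v` prefix and `'1.33.13'` does not, and both are passed to `kubernetes version: ${{ matrix.k8s }}`. Normalise them, or add a comment that the difference comes from the two Renovate datasources. The oldest tested release also moves from 1.32 to 1.33, and while this comment block is being edited the `lastest` typo and the duplicated https://kubernetes.io/releases/ link in it could be fixed.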
Expand All @@ -38,7 +38,7 @@ jobs:
minikube status

- name: Load images from artifacts
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
path: built-docker-image
pattern: built-docker-image-*