Release: Merge release into master from: release/2.14.0 #6802

Merged
merged 82 commits into from
Sep 6, 2022

github-actions[bot]
@github-actions github-actions bot commented Sep 6, 2022

Release triggered by Maffooch

Maffooch and others added 30 commits August 2, 2022 12:31
* manually rebased on upstream/dev

* rebased and cleaned up

* updated jira test product data to include sla_configuration

* accessibility fix

* pep8 fixes

* merged latest with dev and fixed some tests

* cleaned up imports

* manually rebased on upstream/dev

* rebased and cleaned up

* pep8 fixes

* merged latest with dev and fixed some tests

* cleaned up imports

* rebase changes

* bug fix

* bug fix for default SLA configuration

* another bug fix for new products

* permission fixes

* testing migration

* test

* testing separate migration files

* testing

* testing

* testing

* testing

* testing

* migrate existing SLA config in System Settings to Default entry

* pep8 fixes

* pep8 fixes

* removed platform specifier from docker-compose files

* permission fixes

* pep8 fix

Co-authored-by: Chris Fort <chris.fort@lexisnexis.com>
Bumps nginx from `87fb6f4` to `9c2030e`.

---
updated-dependencies:
- dependency-name: nginx
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [packageurl-python](https://github.com/package-url/packageurl-python) from 0.10.0 to 0.10.1.
- [Release notes](https://github.com/package-url/packageurl-python/releases)
- [Changelog](https://github.com/package-url/packageurl-python/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/package-url/packageurl-python/commits)

---
updated-dependencies:
- dependency-name: packageurl-python
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
)

If findings had a service name set, the re-importer would override it with an empty one, unless it is specified. This behaviour seems incorrect.
…6647)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
#6645)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* Update settings.dist.py

Added the requested lines for Blackduck Hub Deduplication #6161

* Update settings.dist.py

changed cve to vulnerability_ids
added component_version
* PoC for API_TOKENS_ENABLED

* Flake8 + docs

* Fix authMethods for `api/v2/doc/`
…ml) (#6654)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
….31.2 (helm/defectdojo/values.yaml) (#6646)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Bumps [jszip](https://github.com/Stuk/jszip) from 3.10.0 to 3.10.1.
- [Release notes](https://github.com/Stuk/jszip/releases)
- [Changelog](https://github.com/Stuk/jszip/blob/main/CHANGES.md)
- [Commits](Stuk/jszip@v3.10.0...v3.10.1)

---
updated-dependencies:
- dependency-name: jszip
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [django](https://github.com/django/django) from 3.2.14 to 3.2.15.
- [Release notes](https://github.com/django/django/releases)
- [Commits](django/django@3.2.14...3.2.15)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Snyk: update mitigation section

* Correct unit tests
Bumps [python-gitlab](https://github.com/python-gitlab/python-gitlab) from 3.7.0 to 3.8.0.
- [Release notes](https://github.com/python-gitlab/python-gitlab/releases)
- [Changelog](https://github.com/python-gitlab/python-gitlab/blob/main/CHANGELOG.md)
- [Commits](python-gitlab/python-gitlab@v3.7.0...v3.8.0)

---
updated-dependencies:
- dependency-name: python-gitlab
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…6658)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
The first lines of many shell scripts are missing the "!" character,
which keeps them from being taken as proper shebangs.
…ithub/workflows/k8s-testing.yml) (#6662)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Bumps [humanize](https://github.com/python-humanize/humanize) from 4.2.3 to 4.3.0.
- [Release notes](https://github.com/python-humanize/humanize/releases)
- [Commits](python-humanize/humanize@4.2.3...4.3.0)

---
updated-dependencies:
- dependency-name: humanize
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps nginx from `9c2030e` to `044441a`.

---
updated-dependencies:
- dependency-name: nginx
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [google-auth](https://github.com/googleapis/google-auth-library-python) from 2.9.1 to 2.10.0.
- [Release notes](https://github.com/googleapis/google-auth-library-python/releases)
- [Changelog](https://github.com/googleapis/google-auth-library-python/blob/main/CHANGELOG.md)
- [Commits](googleapis/google-auth-library-python@v2.9.1...v2.10.0)

---
updated-dependencies:
- dependency-name: google-auth
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…0-dev

Release: Merge back 2.13.1 into dev from: master-into-dev/2.13.1-2.14.0-dev
* Clean feature branch

* Clean feature branch

* #flake8-your-pr fix

* Shorten Title for pwn_sast findings

* Shorten Title for pwn_sast findings

* flake8 fix and include unit test to ensure title is not None

* flake8 fix and include unit test to ensure title is not None #slight_tweak

* flake8 fix and include unit test to ensure title is not None #flake8

* flake8 fix and include unit test to ensure title is not None #unittest

* flake8 fix and include unit test to ensure title is not None #unittest

* flake8 fix and include unit test to ensure title is not None #unittest

* flake8 fix and include unit test to ensure title is not None #unittest

* flake8 fix and include unit test to ensure title is not None #unittest
…ocker-compose.yml) (#6684)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
…ocker-compose.yml) (#6682)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
…ine (docker-compose.yml) (#6683)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.39 to 1.4.40.
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)

---
updated-dependencies:
- dependency-name: sqlalchemy
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Maffooch and others added 29 commits August 15, 2022 20:15
* Add all existing finding notes to the JIRA when created

* Add unittests for pushing existing notes to jira

Co-authored-by: Cody Maffucci <46459665+Maffooch@users.noreply.github.com>
Bumps [debugpy](https://github.com/microsoft/debugpy) from 1.6.2 to 1.6.3.
- [Release notes](https://github.com/microsoft/debugpy/releases)
- [Commits](microsoft/debugpy@v1.6.2...v1.6.3)

---
updated-dependencies:
- dependency-name: debugpy
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [boto3](https://github.com/boto/boto3) from 1.24.51 to 1.24.52.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](boto/boto3@1.24.51...1.24.52)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
… (.github/workflows/release-drafter.yml) (#6715)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.4.3 to 6.4.4.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](nedbat/coveragepy@6.4.3...6.4.4)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [boto3](https://github.com/boto/boto3) from 1.24.52 to 1.24.53.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](boto/boto3@1.24.52...1.24.53)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [google-api-python-client](https://github.com/googleapis/google-api-python-client) from 2.56.0 to 2.57.0.
- [Release notes](https://github.com/googleapis/google-api-python-client/releases)
- [Changelog](https://github.com/googleapis/google-api-python-client/blob/main/CHANGELOG.md)
- [Commits](googleapis/google-api-python-client@v2.56.0...v2.57.0)

---
updated-dependencies:
- dependency-name: google-api-python-client
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Дмитрий Муковкин <d.mukovkin@cft.ru>
* Adjusted description of SARIF findings to include Codeflow as well

* Fixed some bugs

* Added code snippets, handled case if no column is provided and adjusted unit tests

* Removed unneeded import

* Adjusted flake8 findings
* Fix parser horusec

* Fix parser horusec rename function

* Fix horusec parser

* Fix trailing whitespace (W291)

* Update parser.py

* Add unit tests

* Fix unit test

* Fix no newline at end of file (W292)

* Fix Flake8 errors

* Update test_horusec_parser.py

* Update test_horusec_parser.py

Co-authored-by: Damien Carol <damien.carol@gmail.com>
* Upgrade Jira module to 3.4.0

* Update VCR records

* Update vcr

* Update epic push vcr

* Update recordings again

* Return accidentally deleted recording
* feat: add parser and importer for BlackDuck API

* Add lib

* Update requirements.txt

* Update parser.py

* Fix settings
Bumps [django-debug-toolbar](https://github.com/jazzband/django-debug-toolbar) from 3.5.0 to 3.6.0.
- [Release notes](https://github.com/jazzband/django-debug-toolbar/releases)
- [Changelog](https://github.com/jazzband/django-debug-toolbar/blob/main/docs/changes.rst)
- [Commits](django-commons/django-debug-toolbar@3.5...3.6)

---
updated-dependencies:
- dependency-name: django-debug-toolbar
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [boto3](https://github.com/boto/boto3) from 1.24.53 to 1.24.55.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](boto/boto3@1.24.53...1.24.55)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
#6730)

* adapted the helm chart of initializer-job.yaml to allow for metadata annotations

* adapted the helm chart of initializer-job.yaml to run after install or upgrade

* fixed typo initializerKeepSeconds to initializer.keepSeconds

* renamed to jobAnnotations and moved helm hook to template values

* indent fix

* indent fix
* Design fixes to footer, tags input, and filters

* Update dojo.css

* Update base.html
Bumps [google-api-python-client](https://github.com/googleapis/google-api-python-client) from 2.57.0 to 2.58.0.
- [Release notes](https://github.com/googleapis/google-api-python-client/releases)
- [Changelog](https://github.com/googleapis/google-api-python-client/blob/main/CHANGELOG.md)
- [Commits](googleapis/google-api-python-client@v2.57.0...v2.58.0)

---
updated-dependencies:
- dependency-name: google-api-python-client
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…l) (#6755)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* Fix assignee bug in JIRA view

* Update dojo/jira_link/views.py

Co-authored-by: Cody Maffucci <46459665+Maffooch@users.noreply.github.com>

Co-authored-by: Cody Maffucci <46459665+Maffooch@users.noreply.github.com>
Bumps [google-auth](https://github.com/googleapis/google-auth-library-python) from 2.10.0 to 2.11.0.
- [Release notes](https://github.com/googleapis/google-auth-library-python/releases)
- [Changelog](https://github.com/googleapis/google-auth-library-python/blob/main/CHANGELOG.md)
- [Commits](googleapis/google-auth-library-python@v2.10.0...v2.11.0)

---
updated-dependencies:
- dependency-name: google-auth
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@Maffooch Maffooch merged commit abb2483 into master Sep 6, 2022