Release: Merge release into master from: release/2.16.0 #7062

Merged
merged 110 commits into from
Nov 2, 2022

github-actions[bot]
Contributor

@github-actions github-actions bot commented Nov 2, 2022

Release triggered by Maffooch

italvi and others added 30 commits September 20, 2022 14:32
updated celery-beat-deployment template to include generic secrets for rabbitmq and mysql. Furthermore, removed unnecessary ifs
updated celery-worker-deployment template to include generic secrets for rabbitmq and mysql. Furthermore, removed unnecessary ifs
updated django-deployment template to include generic secrets for rabbitmq and mysql. Furthermore, removed unnecessary ifs
fixed helm lint problems
fixed helm lint problems
fixed helm lint problems
…0-dev

Release: Merge back 2.15.0 into dev from: master-into-dev/2.15.0-2.16.0-dev
…ine (docker-compose.yml) (#6936)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Bumps [pytz](https://github.com/stub42/pytz) from 2022.2.1 to 2022.4.
- [Release notes](https://github.com/stub42/pytz/releases)
- [Commits](https://github.com/stub42/pytz/commits)

---
updated-dependencies:
- dependency-name: pytz
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…lows/submodule-update.yml) (#6949)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Bumps [google-api-python-client](https://github.com/googleapis/google-api-python-client) from 2.63.0 to 2.64.0.
- [Release notes](https://github.com/googleapis/google-api-python-client/releases)
- [Changelog](https://github.com/googleapis/google-api-python-client/blob/main/CHANGELOG.md)
- [Commits](googleapis/google-api-python-client@v2.63.0...v2.64.0)

---
updated-dependencies:
- dependency-name: google-api-python-client
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…github/workflows/cancel-outdated-workflow-runs.yml) (#6927)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
…ocker-compose.yml) (#6953)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
[Helm] Fix flawed logic in deployment env vars
added option to add labels using podLabels: {} #6935
* Create PVC as part of the Chart

* Allow creating pvc or disabling it

* Set pvc creation to false as default

* Remove trailing spaces

* Modify storage access mode and size

* Update KUBERNETES.md to reflect storage accessMode

* Fix linting issue

* Modify pvc documentation in KUBERNETES.md
Bumps [psycopg2-binary](https://github.com/psycopg/psycopg2) from 2.9.3 to 2.9.4.
- [Release notes](https://github.com/psycopg/psycopg2/releases)
- [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS)
- [Commits](https://github.com/psycopg/psycopg2/commits)

---
updated-dependencies:
- dependency-name: psycopg2-binary
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.27 to 3.1.28.
- [Release notes](https://github.com/gitpython-developers/GitPython/releases)
- [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES)
- [Commits](gitpython-developers/GitPython@3.1.27...3.1.28)

---
updated-dependencies:
- dependency-name: gitpython
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Made the product editable on Tool_Product_Settings

* Reverted the model change and modified the Tool_Product_Settings serializer to support specifying the product.
This commit makes DefectDojo support compliance scans performed by
NeuVector. Such scan results can only be fetched via REST API using
endpoints like /v1/scan/workload/{id} and /v1/host/{id}/compliance. The
latter one returns the results in a slightly different format. Both of
them are supported.
dependabot bot and others added 29 commits October 25, 2022 23:00
Bumps [google-api-python-client](https://github.com/googleapis/google-api-python-client) from 2.64.0 to 2.65.0.
- [Release notes](https://github.com/googleapis/google-api-python-client/releases)
- [Changelog](https://github.com/googleapis/google-api-python-client/blob/main/CHANGELOG.md)
- [Commits](googleapis/google-api-python-client@v2.64.0...v2.65.0)

---
updated-dependencies:
- dependency-name: google-api-python-client
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Endpoint_Status: Optimize DB (remove redundancy)

* small changes in comments

* Fix importers, add TODOs

* Fix migrations - rebase

* Fix fixtures

* add findings to Endpoint

* consolidate models.py

* fix alternative names for endpoint_status

diff --git a/dojo/api_v2/views.py b/dojo/api_v2/views.py
index 592b6bb..83c5fc5 100644
--- a/dojo/api_v2/views.py
+++ b/dojo/api_v2/views.py
@@ -507,7 +507,7 @@ class FindingViewSet(prefetch.PrefetchListMixin,
                                                     'finding_group_set',
                                                     'files',
                                                     'burprawrequestresponse_set',
-                                                    'endpoint_status',
+                                                    'status_finding',
                                                     'finding_meta',
                                                     'test__test_type',
                                                     'test__engagement',
@@ -1757,7 +1757,7 @@ class TestImportViewSet(prefetch.PrefetchListMixin,
                                         'test_import_finding_action_set',
                                         'findings_affected',
                                         'findings_affected__endpoints',
-                                        'findings_affected__endpoint_status',
+                                        'findings_affected__status_finding',
                                         'findings_affected__finding_meta',
                                         'findings_affected__jira_issue',
                                         'findings_affected__burprawrequestresponse_set',
diff --git a/dojo/endpoint/views.py b/dojo/endpoint/views.py
index 4bfb080..dd23975 100644
--- a/dojo/endpoint/views.py
+++ b/dojo/endpoint/views.py
@@ -32,10 +32,17 @@ logger = logging.getLogger(__name__)
 def process_endpoints_view(request, host_view=False, vulnerable=False):

     if vulnerable:
-        endpoints = Endpoint.objects.filter(finding__active=True, finding__verified=True, finding__false_p=False,
-                                     finding__duplicate=False, finding__out_of_scope=False)
-        # TODO
-        endpoints = endpoints.filter(endpoint_status__mitigated=False)
+        endpoints = Endpoint.objects.filter(
+            finding__active=True,
+            finding__verified=True,
+            finding__out_of_scope=False,
+            finding__mitigated__isnull=True,
+            finding__false_p=False,
+            finding__duplicate=False,
+            status_endpoint__mitigated=False,
+            status_endpoint__false_positive=False,
+            status_endpoint__out_of_scope=False,
+            status_endpoint__risk_accepted=False)
     else:
         endpoints = Endpoint.objects.all()

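Review bot: In the new `Endpoint.objects.filter(...)` call, nothing ties the `status_endpoint__...` conditions to the finding matched by the `finding__...` conditions, so an endpoint can qualify through an active, verified finding whose own status row is mitigated, provided some other status row on that endpoint is still open. If the view is meant to list endpoints that are still vulnerable for a given finding, express the finding conditions through the status row as well (for example `status_endpoint__finding__active=True`, assuming the status model's foreign key is named `finding`). The joins over two multi-valued relations can also return the same endpoint several times, so add `.distinct()` unless a later step already de-duplicates.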
@@ -121,7 +128,7 @@ def process_endpoint_view(request, eid, host_view=False):
     else:
         endpoints = None
         endpoint_metadata = dict(endpoint.endpoint_meta.values_list('name', 'value'))
-        all_findings = endpoint.findings()
+        all_findings = endpoint.findings.all()
         active_findings = endpoint.active_findings()

     if all_findings:
diff --git a/dojo/filters.py b/dojo/filters.py
index 6a24a0b..5c07ae8 100644
--- a/dojo/filters.py
+++ b/dojo/filters.py
@@ -1132,7 +1132,7 @@ class ApiFindingFilter(DojoFilter):
     class Meta:
         model = Finding
         exclude = ['url', 'thread_id', 'notes', 'files',
-                   'line', 'endpoint_status', 'cve']
+                   'line', 'cve']

 class FindingFilter(FindingFilterWithTags):
@@ -1292,7 +1292,7 @@ class FindingFilter(FindingFilterWithTags):
                    'endpoints', 'references',
                    'thread_id', 'notes', 'scanner_confidence',
                    'numerical_severity', 'line', 'duplicate_finding',
-                   'hash_code', 'endpoint_status',
+                   'hash_code',
                    'reviewers',
                    'created', 'files', 'sla_start_date', 'cvssv3',
                    'severity_justification', 'steps_to_reproduce']
@@ -1716,7 +1716,7 @@ class EndpointFilter(DojoFilter):

     class Meta:
         model = Endpoint
-        fields = '__all__'
+        exclude = ['findings']

 class ApiEndpointFilter(DojoFilter):
@@ -1928,8 +1928,8 @@ class ReportFindingFilter(FindingFilterWithTags):
         model = Finding
         # exclude sonarqube issue as by default it will show all without checking permissions
         exclude = ['date', 'cwe', 'url', 'description', 'mitigation', 'impact',
-                   'endpoint', 'references', 'test', 'sonarqube_issue',
-                   'thread_id', 'notes', 'endpoint_status',
+                   'references', 'test', 'sonarqube_issue',
+                   'thread_id', 'notes', 'endpoints',
                    'numerical_severity', 'reporter', 'last_reviewed',
                    'jira_creation', 'jira_change', 'files']

diff --git a/dojo/finding/views.py b/dojo/finding/views.py
index aafd48b..9b58860 100644
--- a/dojo/finding/views.py
+++ b/dojo/finding/views.py
@@ -213,10 +213,9 @@ def prefetch_for_findings(findings, prefetch_type='all'):
         prefetched_findings = prefetched_findings.prefetch_related('notes')
         prefetched_findings = prefetched_findings.prefetch_related('tags')
         prefetched_findings = prefetched_findings.prefetch_related('endpoints')
-        prefetched_findings = prefetched_findings.prefetch_related('endpoint_status')
-        prefetched_findings = prefetched_findings.prefetch_related('endpoint_status__endpoint')
-        prefetched_findings = prefetched_findings.annotate(active_endpoint_count=Count('endpoint_status__id', filter=Q(endpoint_status__mitigated=False)))
-        prefetched_findings = prefetched_findings.annotate(mitigated_endpoint_count=Count('endpoint_status__id', filter=Q(endpoint_status__mitigated=True)))
+        prefetched_findings = prefetched_findings.prefetch_related('status_finding')
+        prefetched_findings = prefetched_findings.annotate(active_endpoint_count=Count('status_finding__id', filter=Q(status_finding__mitigated=False)))
+        prefetched_findings = prefetched_findings.annotate(mitigated_endpoint_count=Count('status_finding__id', filter=Q(status_finding__mitigated=True)))
         prefetched_findings = prefetched_findings.prefetch_related('finding_group_set')
         prefetched_findings = prefetched_findings.prefetch_related('test__engagement__product__members')
         prefetched_findings = prefetched_findings.prefetch_related('test__engagement__product__prod_type__members')
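Review bot: The removed `prefetch_related('endpoint_status__endpoint')` gets no `status_finding__endpoint` counterpart here, yet `findings_list_snippet.html` in this same patch loops over `finding.status_finding.all` and renders `endpoint_status.endpoint`, which now costs one extra query per status row. Prefetch `status_finding__endpoint` rather than bare `status_finding`. The matching hunk in `dojo/test/views.py` drops the same prefetch.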
diff --git a/dojo/forms.py b/dojo/forms.py
index 647eeb7..81bd00c 100755
--- a/dojo/forms.py
+++ b/dojo/forms.py
@@ -926,7 +926,7 @@ class AddFindingForm(forms.ModelForm):
     class Meta:
         model = Finding
         exclude = ('reporter', 'url', 'numerical_severity', 'under_review', 'reviewers', 'cve',
-                   'review_requested_by', 'is_mitigated', 'jira_creation', 'jira_change', 'endpoint_status', 'sla_start_date')
+                   'review_requested_by', 'is_mitigated', 'jira_creation', 'jira_change', 'endpoints', 'sla_start_date')

 class AdHocFindingForm(forms.ModelForm):
diff --git a/dojo/models.py b/dojo/models.py
index 5e89b3c..48ae52a 100755
--- a/dojo/models.py
+++ b/dojo/models.py
@@ -1461,18 +1461,16 @@ class Endpoint(models.Model):

     @Property
     def active_findings_count(self):
-        return self.active_findings.count()
+        return self.active_findings().count()

-    @Property
     def host_endpoints(self):
         return Endpoint.objects.filter(host=self.host,
                                        product=self.product).distinct()

     @Property
     def host_endpoints_count(self):
-        return self.host_endpoints.count()
+        return self.host_endpoints().count()

-    @Property
     def host_mitigated_endpoints(self):
         # TODO
         meps = Endpoint_Status.objects.filter(endpoint__in=self.host_endpoints, mitigated=True)
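Review bot: `host_endpoints` stops being a property in this hunk, but the unchanged line `Endpoint_Status.objects.filter(endpoint__in=self.host_endpoints, mitigated=True)` in `host_mitigated_endpoints` still references it without parentheses, so the ORM is handed a bound method instead of a queryset. Change that line to `self.host_endpoints()`, or keep the decorator on `host_endpoints` and leave `host_endpoints_count` as it was.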
@@ -1480,17 +1478,15 @@ class Endpoint(models.Model):

     @Property
     def host_mitigated_endpoints_count(self):
-        return self.host_mitigated_endpoints.count()
+        return self.host_mitigated_endpoints().count()

-    @Property
     def host_findings(self):
         return Finding.objects.filter(endpoints__in=self.host_endpoints).distinct()

     @Property
     def host_findings_count(self):
-        return self.host_finding.count()
+        return self.host_finding().count()

-    @Property
     def host_active_findings(self):
         findings = self.host_findings.filter(active=True,
                                         verified=True,
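Review bot: `host_findings_count` now calls `self.host_finding()`, but the method defined directly below it is named `host_findings`, so this line raises `AttributeError`. The unchanged lines also need updating now that the decorators are removed: `endpoints__in=self.host_endpoints` and `self.host_findings.filter(` both reference methods without calling them.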
@@ -1506,7 +1502,7 @@ class Endpoint(models.Model):

     @Property
     def host_active_findings_count(self):
-        return self.host_active_findings.count()
+        return self.host_active_findings().count()

     def get_breadcrumbs(self):
         bc = self.product.get_breadcrumbs()
diff --git a/dojo/templates/dojo/findings_list_snippet.html b/dojo/templates/dojo/findings_list_snippet.html
index 5d557d5..a45aa6d 100644
--- a/dojo/templates/dojo/findings_list_snippet.html
+++ b/dojo/templates/dojo/findings_list_snippet.html
@@ -369,7 +369,7 @@
                                   {% else %}
                                     {% if finding.endpoints.all %}
                                       <i class="fa fa-sitemap has-popover dojo-sup" data-html="true" data-trigger="hover" data-content="
-                                      {% for endpoint_status in finding.endpoint_status.all %}
+                                      {% for endpoint_status in finding.status_finding.all %}
                                         {% if endpoint_status.mitigated %}
                                           &#10003; {{ endpoint_status.endpoint }}<br/>
                                         {% else %}
diff --git a/dojo/templates/dojo/view_test.html b/dojo/templates/dojo/view_test.html
index 94a1636..b47ba37 100644
--- a/dojo/templates/dojo/view_test.html
+++ b/dojo/templates/dojo/view_test.html
@@ -827,7 +827,7 @@
                             {% else %}
                               {% if finding.endpoints.all %}
                                 <i class="fa dojo-sup fa-sitemap has-popover" data-html="true" data-trigger="hover" data-content="
-                                    {% for endpoint_status in finding.endpoint_status.all %}
+                                    {% for endpoint_status in finding.status_finding.all %}
                                         {% if endpoint_status.mitigated %}
                                             &#10003;
                                         {% else %}
diff --git a/dojo/templatetags/get_endpoint_status.py b/dojo/templatetags/get_endpoint_status.py
index 3f2d40f..8b35c42 100644
--- a/dojo/templatetags/get_endpoint_status.py
+++ b/dojo/templatetags/get_endpoint_status.py
@@ -1,5 +1,6 @@
 from django import template
 from dojo.models import Endpoint_Status
+from django.db.models import Q
 register = template.Library()

@@ -10,18 +11,20 @@ def has_endpoints(finding):

 @register.filter(name='get_vulnerable_endpoints')
 def get_vulnerable_endpoints(finding):
-    # TODO
-    # TODO - remove `.all()`, use 'select_related' endpoints and change for-loop to select -> to decrease number of queries
-    status_list = finding.endpoint_status.all().filter(mitigated=False)
-    return [status.endpoint for status in status_list]
+    return finding.endpoints.filter(
+        status_endpoint__mitigated=False,
+        status_endpoint__false_positive=False,
+        status_endpoint__out_of_scope=False,
+        status_endpoint__risk_accepted=False)

 @register.filter(name='get_mitigated_endpoints')
 def get_mitigated_endpoints(finding):
-    # TODO
-    # TODO - remove `.all()`, use 'select_related' endpoints and change for-loop to select -> to decrease number of queries
-    status_list = finding.endpoint_status.all().filter(mitigated=True)
-    return [status.endpoint for status in status_list]
+    return finding.endpoints.filter(
+        Q(status_endpoint__mitigated=True) |
+        Q(status_endpoint__false_positive=True) |
+        Q(status_endpoint__out_of_scope=True) |
+        Q(status_endpoint__risk_accepted=False))

 @register.filter
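Review bot: In `get_mitigated_endpoints` the last term of the OR is `Q(status_endpoint__risk_accepted=False)`, which matches every endpoint that has a status row that is not risk accepted, the still-vulnerable ones included; it should read `risk_accepted=True` to be the complement of `get_vulnerable_endpoints`. In both filters nothing restricts the status rows to this `finding`, and the return value changes from a list to a queryset that can contain the same endpoint more than once; consider adding a condition such as `status_endpoint__finding=finding` (assuming the status model's foreign key is named `finding`) and `.distinct()`.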
diff --git a/dojo/test/views.py b/dojo/test/views.py
index 467c4c9..3acfeb9 100644
--- a/dojo/test/views.py
+++ b/dojo/test/views.py
@@ -210,10 +210,9 @@ def prefetch_for_findings(findings):
                                                                             queryset=Test_Import_Finding_Action.objects.exclude(action=IMPORT_UNTOUCHED_FINDING)))

         prefetched_findings = prefetched_findings.prefetch_related('endpoints')
-        prefetched_findings = prefetched_findings.prefetch_related('endpoint_status')
-        prefetched_findings = prefetched_findings.prefetch_related('endpoint_status__endpoint')
-        prefetched_findings = prefetched_findings.annotate(active_endpoint_count=Count('endpoint_status__id', filter=Q(endpoint_status__mitigated=False)))
-        prefetched_findings = prefetched_findings.annotate(mitigated_endpoint_count=Count('endpoint_status__id', filter=Q(endpoint_status__mitigated=True)))
+        prefetched_findings = prefetched_findings.prefetch_related('status_finding')
+        prefetched_findings = prefetched_findings.annotate(active_endpoint_count=Count('status_finding__id', filter=Q(status_finding__mitigated=False)))
+        prefetched_findings = prefetched_findings.annotate(mitigated_endpoint_count=Count('status_finding__id', filter=Q(status_finding__mitigated=True)))
         prefetched_findings = prefetched_findings.prefetch_related('finding_group_set__jira_issue')
         prefetched_findings = prefetched_findings.prefetch_related('duplicate_finding')
         prefetched_findings = prefetched_findings.prefetch_related('vulnerability_id_set')

* flake8 + (re)import

* fix metrics

* fix dojo/finding/views.py

* fix endpoint properties

* add migration tests

* show all statuses, add new tests

* Reindex migration

* add TODOs

* Reindex migration (169->172)

* Fix wrong indented

* Fix wrong ind.

* Fix flake8

* Fix .copy

* Define host_mitigated_endpoints

* Rewrite host_mitigated_endpoints, fix test_duplicate_finding_with_endpoints

* Fix ind.

* Rewrite host_mitigated_endpoints

* Fix unit tests

* Fix rest unit test

* Fix other tests

* Fix metrics tests

* Fix metrics unittests
* [FIX] Edit Finding's mitigated time (EDITABLE_MITIGATED_DATA)

When using "EDITABLE_MITIGATED_DATA = True", several issues are present within the application:
    - Closing a finding with a mitigation date in the past closes the finding badly: the "active" parameter is not set to false and thus, Finding does not appear at all in the "Closed Finding" tab...
    - Closing a finding with a mitigation date in the past closes the finding badly: The assets linked to the finding are not affected and remain vulnerable, even if Finding is closed.
    - The form is added within the "Edit Finding" form, whereas there is a dedicated "Close Finding Form". Not very logical.
    - Calendar Box used is not the standard DefectDojo one.

The Fix contains:
    - Close date is added within the "Close Finding" formulary and removed from "Edit Finding", which is much more logical.
    - Calendar is set to the default one used in the whole app.
    - Closing a finding with a date in the past sets also "active" to "False" and closes the linked asset. Nothing touched here, as we are now using functions of the "Close Finding" form !

* Fixing Flake8 issues

* Bug fix

This should not have been commented or will raise an error when editing finding

* Allowing (again) Mitigation date in "Edit Finding" Form

* Unused import

* Allowing (again) Mitigation date in "Edit Finding" Form

* DateField behaviour update

DateField behaviour change:
- Hide on active = checked
- Restore previous value if active = check and then active = uncheck
- Truncate date displayed (and saved) to keep only YYYY-MM-DD

* Fix is_mitigated when not active and mitigated data is edited

When CAN_EDIT_MITIGATED_DATA is used, finding is set to active = false and closed, but does not appear in the closed findings. This was because is_mitigated was not set to True.
In addition, associated endpoint statuses were not updated at all.

* ADDING API /api/v2/findings/{id}/close/

Adding a /api/v2/findings/{id}/close/ path to the API:
 - Date is timezone.now() if none is provided or EDITABLE_MITIGATED_DATA is False
Corresponding Endpoint status are also updated

* Fixing Flake8, Unit / Integration tests issues

Fixing issues:
 - Flake8 indentation and spaces issues
 - Javascript issues in /reports/quick?url=/finding (already existing) and in /finding/1/edit (generated by my code)
 - API field list was not recognized (1 parameter recognized as str instead of tuple)

* Fix

Already checked in the views

* Indentation

* Remove empty spaces

* Bug fix

Saving mitigator and mitigation date when closing from "Close View". Before, the Mitigator and date were current user and current day.
Saving mitigator of endpoint when closing from "Edit View". Before, the mitigator of the endpoints was current user.

* Simplifying and adding permissions

- Simplifying using a queryset and permissions for this queryset view
- Adding permissions also for the Close Finding View
- Loading users only if setting is activated (request optimizing)
- Populating Edit Form with mitigator and mitigation date
- Post Cleaning data for the mitigator and mitigated by fields on Close Finding View

* Fix

Now was not declared when declaring a False positive.

* Cleaned Data update

Using Django cleaned_data.get() function

* Update Chart.yaml

* Update package.json

* Update __init__.py

* Update pipeline.py

* Update pipeline.py

* Update __init__.py

* Update pipeline.py
Bumps [boto3](https://github.com/boto/boto3) from 1.25.0 to 1.25.1.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](boto/boto3@1.25.0...1.25.1)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [google-auth-oauthlib](https://github.com/GoogleCloudPlatform/google-auth-library-python-oauthlib) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/GoogleCloudPlatform/google-auth-library-python-oauthlib/releases)
- [Changelog](https://github.com/googleapis/google-auth-library-python-oauthlib/blob/main/CHANGELOG.md)
- [Commits](googleapis/google-auth-library-python-oauthlib@v0.6.0...v0.7.0)

---
updated-dependencies:
- dependency-name: google-auth-oauthlib
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [psycopg2-binary](https://github.com/psycopg/psycopg2) from 2.9.4 to 2.9.5.
- [Release notes](https://github.com/psycopg/psycopg2/releases)
- [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS)
- [Commits](https://github.com/psycopg/psycopg2/commits)

---
updated-dependencies:
- dependency-name: psycopg2-binary
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
#6973)

* Add a link back to the vulnerability in the references for Acunetix360

* Update dojo/tools/acunetix360/parser.py

Co-authored-by: Cody Maffucci <46459665+Maffooch@users.noreply.github.com>

Co-authored-by: Cody Maffucci <46459665+Maffooch@users.noreply.github.com>
…7027)

When users have read only access, it makes sense for them to be able to request another user to review a finding
….15.3 (.github/workflows/release-3-master-into-dev.yml) (#7034)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Bumps [boto3](https://github.com/boto/boto3) from 1.25.1 to 1.25.2.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](boto/boto3@1.25.1...1.25.2)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
….json) (#7038)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Bumps [boto3](https://github.com/boto/boto3) from 1.25.2 to 1.25.3.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](boto/boto3@1.25.2...1.25.3)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [python-gitlab](https://github.com/python-gitlab/python-gitlab) from 3.10.0 to 3.11.0.
- [Release notes](https://github.com/python-gitlab/python-gitlab/releases)
- [Changelog](https://github.com/python-gitlab/python-gitlab/blob/main/CHANGELOG.md)
- [Commits](python-gitlab/python-gitlab@v3.10.0...v3.11.0)

---
updated-dependencies:
- dependency-name: python-gitlab
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ab (#6514)

* Add the ability to the UI to delete engagements from the engagement tab

* Update dojo/templates/dojo/engagements_all.html

Co-authored-by: Blake Owens <76979297+blakeaowens@users.noreply.github.com>

* Update dojo/templates/dojo/engagements_all.html

Co-authored-by: Blake Owens <76979297+blakeaowens@users.noreply.github.com>

* Update dojo/templates/dojo/engagement.html

Co-authored-by: Blake Owens <76979297+blakeaowens@users.noreply.github.com>

* Update dojo/templates/dojo/engagement.html

Co-authored-by: Blake Owens <76979297+blakeaowens@users.noreply.github.com>

* Update engagement.html

* Update engagements_all.html

Co-authored-by: Blake Owens <76979297+blakeaowens@users.noreply.github.com>
Bumps [pillow](https://github.com/python-pillow/Pillow) from 9.2.0 to 9.3.0.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](python-pillow/Pillow@9.2.0...9.3.0)

---
updated-dependencies:
- dependency-name: pillow
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [boto3](https://github.com/boto/boto3) from 1.25.3 to 1.25.4.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](boto/boto3@1.25.3...1.25.4)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: quirin.ziessler <quirin.ziessler@tradebyte.com>
…ithub/workflows/k8s-testing.yml) (#7047)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Bumps nginx from `bffb433` to `2452715`.

---
updated-dependencies:
- dependency-name: nginx
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
If a ticket has not been assigned to a user, status changes cannot be applied via the web hook as exceptions are thrown and caught
Bumps [pytz](https://github.com/stub42/pytz) from 2022.5 to 2022.6.
- [Release notes](https://github.com/stub42/pytz/releases)
- [Commits](stub42/pytz@release_2022.5...release_2022.6)

---
updated-dependencies:
- dependency-name: pytz
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [boto3](https://github.com/boto/boto3) from 1.25.4 to 1.25.5.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](boto/boto3@1.25.4...1.25.5)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [google-auth](https://github.com/googleapis/google-auth-library-python) from 2.13.0 to 2.14.0.
- [Release notes](https://github.com/googleapis/google-auth-library-python/releases)
- [Changelog](https://github.com/googleapis/google-auth-library-python/blob/main/CHANGELOG.md)
- [Commits](googleapis/google-auth-library-python@v2.13.0...v2.14.0)

---
updated-dependencies:
- dependency-name: google-auth
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@Maffooch Maffooch merged commit 1bb23dd into master Nov 2, 2022