Merge pull request #3918 from DefectDojo/release/1.13.0

Release: Merge release into master from: release/1.13.0

.github/PULL_REQUEST_TEMPLATE/pull_request_template.md

@@ -1,7 +1,7 @@
 **Description**
 
 Describe the feature / bug fix implemented by this PR.
-If this is a new parser, [the parser guide](../../doc/guide_to_parser_writing.md) may be worth (re)reading.
+If this is a new parser, [the parser guide](https://defectdojo.github.io/django-DefectDojo/contributing/how-to-write-a-parser/) may be worth (re)reading.
 
 **Test results**
 

.github/workflows/cancel-outdated-workflow-runs.yml

@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 3
     steps:
-      - uses: styfle/cancel-workflow-action@0.7.0
+      - uses: styfle/cancel-workflow-action@0.8.0
         with:
           workflow_id: 'integration-tests.yml,k8s-testing.yml,unit-tests.yml'
           access_token: ${{ github.token }}

.github/workflows/gh-pages.yml

@@ -0,0 +1,30 @@
+name: github-pages
+
+on:
+  push:
+    branches:
+      - dev
+
+jobs:
+  deploy:
+    runs-on: ubuntu-18.04
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          submodules: true  # Fetch Hugo themes (true OR recursive)
+          fetch-depth: 0    # Fetch all history for .GitInfo and .Lastmod
+
+      - name: Setup Hugo
+        uses: peaceiris/actions-hugo@v2
+        with:
+          hugo-version: '0.79.1'
+          # extended: true
+
+      - name: Build
+        run: cd docs && hugo --minify
+
+      - name: Deploy
+        uses: peaceiris/actions-gh-pages@v3
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          publish_dir: ./docs/public

.github/workflows/new-release-master-into-dev.yml

@@ -54,7 +54,7 @@ jobs:
           grep appVersion helm/defectdojo/Chart.yaml
           grep version components/package.json
       - name: Push version changes
-        uses: stefanzweifel/git-auto-commit-action@v4.8.0
+        uses: stefanzweifel/git-auto-commit-action@v4.9.0
         with:
           commit_user_name: "${{ env.GIT_USERNAME }}"
           commit_user_email: "${{ env.GIT_EMAIL }}"

.github/workflows/new-release-pr.yml

@@ -60,7 +60,7 @@ jobs:
           grep appVersion helm/defectdojo/Chart.yaml
           grep version components/package.json
       - name: Push version changes
-        uses: stefanzweifel/git-auto-commit-action@v4.8.0
+        uses: stefanzweifel/git-auto-commit-action@v4.9.0
         with:
           commit_user_name: "${{ env.GIT_USERNAME }}"
           commit_user_email: "${{ env.GIT_EMAIL }}"

.github/workflows/plantuml.yml

@@ -30,7 +30,7 @@ jobs:
         with:
           args: -v -tpng ${{ steps.getfile.outputs.files }}
       - name: Push Local Changes
-        uses: stefanzweifel/git-auto-commit-action@v4.8.0
+        uses: stefanzweifel/git-auto-commit-action@v4.9.0
         with:
           commit_user_name: "PlantUML_bot"
           commit_user_email: "[email protected]"

.github/workflows/release-drafter.yml

@@ -19,7 +19,7 @@ jobs:
   update_release_draft:
     runs-on: ubuntu-latest
     steps:
-      - uses: release-drafter/release-drafter@v5.13.0
+      - uses: release-drafter/release-drafter@v5.14.0
         with:
           version: ${{github.event.inputs.version}}  
         env:

.gitignore

@@ -129,3 +129,5 @@ docker/extra_settings/*
 # Helm dependencies
 helm/defectdojo/charts
 
+# generates files for github pages
+public

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "docs/themes/learn"]
+	path = docs/themes/learn
+	url = https://github.com/matcornic/hugo-theme-learn.git

CONTRIBUTING.md

@@ -14,7 +14,7 @@ Here are a few things to keep in mind when making changes to DefectDojo.
 
 ## Writing a new parser
 
-Please see [this file](doc/guide_to_parser_writing.md) for guidance on how to write a parser.
+Please see [the parser guide](https://defectdojo.github.io/django-DefectDojo/contributing/how-to-write-a-parser/) for guidance on how to write a parser.
 
 ## Modifying DefectDojo and Testing
 

Dockerfile.nginx

@@ -34,16 +34,18 @@ RUN \
   apt-get -y update && \
   apt-get -y install apt-transport-https ca-certificates curl wget && \
   curl -sSL https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add --no-tty - && \
-  curl -sL https://deb.nodesource.com/setup_12.x | bash - && \
+  echo 'deb https://deb.nodesource.com/node_14.x buster main' > /etc/apt/sources.list.d/nodesource.list && \
+  echo 'deb-src https://deb.nodesource.com/node_14.x buster main' >> /etc/apt/sources.list.d/nodesource.list && \
+  apt-get update -y -o Dir::Etc::sourcelist="sources.list.d/nodesource.list" \
+  -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" && \
   curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
-  wget https://github.com/yarnpkg/yarn/releases/download/v1.21.0/yarn_1.21.0_all.deb && \
-  dpkg -i yarn_1.21.0_all.deb && \
-  apt-get -y update && \
+  wget https://github.com/yarnpkg/yarn/releases/download/v1.22.10/yarn_1.22.10_all.deb && \
+  dpkg -i yarn_1.22.10_all.deb && \
   echo "$(yarn --version)" && \
   apt-get -y install nodejs && \
   echo "$(node --version)" && \
   apt-get clean && \
-  rm yarn_1.21.0_all.deb && \
+  rm yarn_1.22.10_all.deb && \
   rm -rf /var/lib/apt/lists && \
   true
 
@@ -54,17 +56,16 @@ RUN pip3 install \
 	-r ./requirements.txt
 
 COPY components/ ./components/
+RUN \
+  cd components && \
+  yarn
+
 COPY manage.py ./
 COPY dojo/ ./dojo/
 
-RUN \
-  cd components && \
-  yarn && \
-  cd .. && \
-  env DD_SECRET_KEY='.' python3 manage.py collectstatic --noinput && \
-  true
+RUN env DD_SECRET_KEY='.' python3 manage.py collectstatic --noinput && true
 
-FROM nginx:1.19.6-alpine@sha256:01747306a7247dbe928db991eab42e4002118bf636dd85b4ffea05dd907e5b66
+FROM nginx:1.19.7-alpine@sha256:14536d83ca3128923ee7c2f7f4f285e023abd40f3ccdc8911f56cd4119558506
 ARG uid=1001
 ARG appuser=defectdojo
 COPY --from=collectstatic /app/static/ /usr/share/nginx/html/static/

components/package.json

@@ -1,6 +1,6 @@
 {
   "name": "DefectDojo",
-  "version": "1.12.1",
+  "version": "1.13.0",
   "dependencies": {
     "JUMFlot": "jumjum123/JUMFlot#*",
     "bootstrap": "^3.4.0",
@@ -19,7 +19,7 @@
     "datatables.net-dt": "^1.10.23",
     "drmonty-datatables-plugins": "^1.0.0",
     "drmonty-datatables-responsive": "^1.0.0",
-    "easymde": "^2.13.0",
+    "easymde": "^2.14.0",
     "flot": "flot/flot#~0.8.3",
     "flot-axis": "markrcote/flot-axislabels#*",
     "font-awesome": "^4.0.0",
@@ -30,8 +30,8 @@
     "jquery.cookie": "1.4.1",
     "jquery.flot.tooltip": "^0.9.0",
     "jquery.hotkeys": "jeresig/jquery.hotkeys#master",
-    "jszip": "^3.5.0",
-    "justgage": "^1.4.0",
+    "jszip": "^3.6.0",
+    "justgage": "^1.4.2",
     "metismenu": "~3.0.6",
     "moment": "^2.29.1",
     "morris.js": "morrisjs/morris.js",

components/yarn.lock

@@ -163,10 +163,10 @@ [email protected]:
   dependencies:
     typo-js "*"
 
-codemirror@^5.58.2:
-  version "5.58.2"
-  resolved "https://registry.yarnpkg.com/codemirror/-/codemirror-5.58.2.tgz#ed54a1796de1498688bea1cdd4e9eeb187565d1b"
-  integrity sha512-K/hOh24cCwRutd1Mk3uLtjWzNISOkm4fvXiMO7LucCrqbh6aJDdtqUziim3MZUI6wOY0rvY1SlL1Ork01uMy6w==
+codemirror@^5.59.2:
+  version "5.59.2"
+  resolved "https://registry.yarnpkg.com/codemirror/-/codemirror-5.59.2.tgz#ee674d3a4a8d241af38d52afc482625ba7393922"
+  integrity sha512-/D5PcsKyzthtSy2NNKCyJi3b+htRkoKv3idswR/tR6UAvMNKA7SrmyZy6fOONJxSRs1JlUWEDAbxqfdArbK8iA==
 
 components-jqueryui@^1.0.0:
   version "1.12.1"
@@ -330,14 +330,14 @@ duplexer2@~0.1.4:
   dependencies:
     readable-stream "^2.0.2"
 
-easymde@^2.13.0:
-  version "2.13.0"
-  resolved "https://registry.yarnpkg.com/easymde/-/easymde-2.13.0.tgz#bcbec4d0d02a2088511e8485705cc6bb3aec0988"
-  integrity sha512-Q9cfsMzIwtXS2h/1toB404aYRkOukjVroZP2/7uItO4W5e3pC8mey2NsHlSAGRdR2pIwR2XheA4TucX0IjseBA==
+easymde@^2.14.0:
+  version "2.14.0"
+  resolved "https://registry.yarnpkg.com/easymde/-/easymde-2.14.0.tgz#ba556954ec3a8084fc2984499f58945c81b689ec"
+  integrity sha512-yQh3EF1amknaxDhXE1L28kwknREU8S19o01ki0t6Q8ThECCipXTOM3E/LL32Ia5D3AsCBRbC1/fT5tpLniVGuw==
   dependencies:
-    codemirror "^5.58.2"
+    codemirror "^5.59.2"
     codemirror-spell-checker "1.1.2"
-    marked "^1.2.3"
+    marked "^2.0.0"
 
 es-abstract@^1.17.0-next.1, es-abstract@^1.17.5:
   version "1.17.6"
@@ -679,20 +679,20 @@ jquery.hotkeys@jeresig/jquery.hotkeys#master:
   resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.5.1.tgz#d7b4d08e1bfdb86ad2f1a3d039ea17304717abb5"
   integrity sha512-XwIBPqcMn57FxfT+Go5pzySnm4KWkT1Tv7gjrpT1srtf8Weynl6R273VJ5GjkRb51IzMp5nbaPjJXMWeju2MKg==
 
-jszip@^3.5.0:
-  version "3.5.0"
-  resolved "https://registry.yarnpkg.com/jszip/-/jszip-3.5.0.tgz#b4fd1f368245346658e781fec9675802489e15f6"
-  integrity sha512-WRtu7TPCmYePR1nazfrtuF216cIVon/3GWOvHS9QR5bIwSbnxtdpma6un3jyGGNhHsKCSzn5Ypk+EkDRvTGiFA==
+jszip@^3.6.0:
+  version "3.6.0"
+  resolved "https://registry.yarnpkg.com/jszip/-/jszip-3.6.0.tgz#839b72812e3f97819cc13ac4134ffced95dd6af9"
+  integrity sha512-jgnQoG9LKnWO3mnVNBnfhkh0QknICd1FGSrXcgrl67zioyJ4wgx25o9ZqwNtrROSflGBCGYnJfjrIyRIby1OoQ==
   dependencies:
     lie "~3.3.0"
     pako "~1.0.2"
     readable-stream "~2.3.6"
     set-immediate-shim "~1.0.1"
 
-justgage@^1.4.0:
-  version "1.4.0"
-  resolved "https://registry.yarnpkg.com/justgage/-/justgage-1.4.0.tgz#c978fba491db53d121bc244faec142fd40a6b839"
-  integrity sha512-ziX2FAidHHBTTCKMPODEgGpOxAYfESjHkUNbfsOJfoJkucOZOPuZpXgRds3dMveWI2k0MEN9r0I223hzyQvweg==
+justgage@^1.4.2:
+  version "1.4.2"
+  resolved "https://registry.yarnpkg.com/justgage/-/justgage-1.4.2.tgz#4910f26f418a599e958af26f4860448d1ed1994f"
+  integrity sha512-21SyCBko3VXT8bWPzD4XqpoJsUDNYh0yQHkVXqdW7gMXc2U4taMqwdKNKwqCwRJ/KYoYPVi/FMPZDz8mlTTnVA==
   dependencies:
     raphael "^2.3.0"
 
@@ -727,10 +727,10 @@ [email protected]:
   dependencies:
     sourcemap-codec "^1.4.1"
 
-marked@^1.2.3:
-  version "1.2.3"
-  resolved "https://registry.yarnpkg.com/marked/-/marked-1.2.3.tgz#58817ba348a7c9398cb94d40d12e0d08df83af57"
-  integrity sha512-RQuL2i6I6Gn+9n81IDNGbL0VHnta4a+8ZhqvryXEniTb/hQNtf3i26hi1XWUhzb9BgVyWHKR3UO8MaHtKoYibw==
+marked@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/marked/-/marked-2.0.0.tgz#9662bbcb77ebbded0662a7be66ff929a8611cee5"
+  integrity sha512-NqRSh2+LlN2NInpqTQnS614Y/3NkVMFFU6sJlRFEpxJ/LHuK/qJECH7/fXZjk4VZstPW/Pevjil/VtSONsLc7Q==
 
 [email protected]:
   version "1.0.4"

docker-compose.yml

@@ -91,7 +91,7 @@ services:
           source: ./docker/extra_settings
           target: /app/docker/extra_settings
   mysql:
-    image: mysql:5.7.33@sha256:45ad5952e4f304d39aedb02caf7e0afc30a310e66f7ab60af8acf20fd4a0f54c
+    image: mysql:5.7.33@sha256:853105ad984a9fe87dd109be6756e1fbdba8b003b303d88ac0dda6b455f36556
     environment:
       MYSQL_RANDOM_ROOT_PASSWORD: 'yes'
       DD_DATABASE_URL: ${DD_DATABASE_URL:-mysql://defectdojo:defectdojo@mysql:3306/defectdojo}
@@ -102,6 +102,6 @@ services:
     volumes:
        - defectdojo_data:/var/lib/mysql
   rabbitmq:
-    image: rabbitmq:3.8.11@sha256:5bc47a968799b7b8ff60f949a12957b9fdf445bbb29295c3986b7b11a9e5ea58
+    image: rabbitmq:3.8.12@sha256:7079e054089de627f52bbf1e5ee9871f3179b6179d30c536bd3b9c4a0b99144e
 volumes:
   defectdojo_data: {}

docker/entrypoint-initializer.sh

@@ -44,7 +44,9 @@ do
 done
 echo
 
+echo "Making migrations"
 python3 manage.py makemigrations dojo
+echo "Migrating"
 python3 manage.py migrate
 
 echo "Admin user: ${DD_ADMIN_USER}"
@@ -85,28 +87,24 @@ User.objects.create_superuser(
 )
 EOD
 
-  python3 manage.py loaddata system_settings
-  echo "UPDATE dojo_system_settings SET jira_webhook_secret='$DD_JIRA_WEBHOOK_SECRET'" | python manage.py dbshell
-
-  python3 manage.py loaddata initial_banner_conf
-  python3 manage.py loaddata product_type
-  python3 manage.py loaddata test_type
-  python3 manage.py loaddata development_environment
-  python3 manage.py loaddata benchmark_type
-  python3 manage.py loaddata benchmark_category
-  python3 manage.py loaddata benchmark_requirement
-  python3 manage.py loaddata language_type
-  python3 manage.py loaddata objects_review
-  python3 manage.py loaddata regulation
+  echo "Preparing survey fixture"
+  # surveys fixture needs to be modified as it contains an instance dependant polymorphic content id
   python3 manage.py import_surveys
-  python3 manage.py loaddata initial_surveys
+  # load surveys all at once as that's much faster
+   echo "Importing fixtures all at once"
+   python3 manage.py loaddata system_settings initial_banner_conf product_type test_type \
+       development_environment benchmark_type benchmark_category benchmark_requirement \
+       language_type objects_review regulation initial_surveys
+
+  echo "UPDATE dojo_system_settings SET jira_webhook_secret='$DD_JIRA_WEBHOOK_SECRET'" | python manage.py dbshell
 
+  echo "Importing extra fixtures"
   # If there is extra fixtures, load them
   for i in $(ls dojo/fixtures/extra_*.json | sort -n 2>/dev/null) ; do
     echo "Loading $i"
     python3 manage.py loaddata ${i%.*}
   done
 
+  echo "Installing watson search index"
   python3 manage.py installwatson
-  exec python3 manage.py buildwatson
 fi

docker/wait-for-it.sh

@@ -25,7 +25,7 @@ USAGE
 wait_for()
 {
     if [[ $TIMEOUT -gt 0 ]]; then
-        echoerr "$cmdname: waiting $TIMEOUT seconds for $HOST:$PORT"
+        echoerr "$cmdname: waiting max $TIMEOUT seconds for $HOST:$PORT"
     else
         echoerr "$cmdname: waiting for $HOST:$PORT without a timeout"
     fi

docs/archetypes/default.md

@@ -0,0 +1,6 @@
+---
+title: "{{ replace .Name "-" " " | title }}"
+date: {{ .Date }}
+draft: true
+---
+

docs/config.toml

@@ -0,0 +1,28 @@
+baseURL = "https://DefectDojo.github.io/django-DefectDojo/"
+languageCode = "en-us"
+title = "DefectDojo Documentation"
+theme = "learn"
+
+# For search functionality
+[outputs]
+home = [ "HTML", "RSS", "JSON"]
+
+[params]
+  # Change default color scheme with a variant one. Can be "red", "blue", "green".
+  themeVariant = "blue"
+  editURL = "https://github.com/DefectDojo/django-DefectDojo/blob/dev/docs/content/"
+  description = "Documentation for DefectDojo"
+  disableNextPrev = true
+  disableLandingPageButton = true
+
+[[menu.shortcuts]] 
+name = "<i class='fab fa-github'></i> Github repo"
+identifier = "gh"
+url = "https://github.com/DefectDojo/django-DefectDojo"
+weight = 10
+
+[[menu.shortcuts]] 
+name = "<i class='fas fa-fw fa-camera'></i> Demo site"
+identifier = "ds"
+url = "https://demo.defectdojo.org/"
+weight = 11