From 5eb16ccf7905852a531e897cbd69bff3553e2e0e Mon Sep 17 00:00:00 2001 From: DefectDojo release bot Date: Mon, 9 Dec 2024 16:33:47 +0000 Subject: [PATCH 01/10] Update versions in application files --- components/package.json | 2 +- helm/defectdojo/Chart.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/components/package.json b/components/package.json index b8cfcf4669d..febe451775d 100644 --- a/components/package.json +++ b/components/package.json @@ -1,6 +1,6 @@ { "name": "defectdojo", - "version": "2.41.1", + "version": "2.42.0-dev", "license" : "BSD-3-Clause", "private": true, "dependencies": { diff --git a/helm/defectdojo/Chart.yaml b/helm/defectdojo/Chart.yaml index e8a60ef015f..d7568f8d5d8 100644 --- a/helm/defectdojo/Chart.yaml +++ b/helm/defectdojo/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: "2.41.1" +appVersion: "2.42.0-dev" description: A Helm chart for Kubernetes to install DefectDojo name: defectdojo -version: 1.6.163 +version: 1.6.164-dev icon: https://www.defectdojo.org/img/favicon.ico maintainers: - name: madchap From ca6628dd3d295426fecf08c1c82190564e49ad67 Mon Sep 17 00:00:00 2001 From: Paul Osinski <42211303+paulOsinski@users.noreply.github.com> Date: Mon, 9 Dec 2024 17:59:04 -0500 Subject: [PATCH 02/10] add Reo JS to script header (#11396) Co-authored-by: Paul Osinski --- docs/layouts/partials/head/script-header.html | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/layouts/partials/head/script-header.html b/docs/layouts/partials/head/script-header.html index aba98029eb2..76b5fa4ffc5 100644 --- a/docs/layouts/partials/head/script-header.html +++ b/docs/layouts/partials/head/script-header.html @@ -1 +1,6 @@ + + + \ No newline at end of file From da25ba52f859a36bc0d86ff8815110c4d7caad25 Mon Sep 17 00:00:00 2001 
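Review bot: The three added lines inject a third-party Reo script into the `<head>` of every documentation page, but the tag contents were stripped in this extraction, so the script origin, whether it loads synchronously, and whether it carries an `integrity` attribute cannot be confirmed here. A remote analytics loader is a supply-chain exposure for the docs site: if the vendor serves a versioned, immutable file, add `integrity` and `crossorigin="anonymous"`; if it is a mutable loader, constrain it with a Content-Security-Policy `script-src` on the docs host instead. The partial also deserves a one-line comment naming what is loaded and why, e.g. `<!-- Reo analytics loader (#11396); loaded on every docs page -->`, and the file now ends without a trailing newline.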
From: Paul Osinski <42211303+paulOsinski@users.noreply.github.com> Date: Tue, 10 Dec 2024 16:12:15 -0500 Subject: [PATCH 03/10] [docs] Pro Docs release notes - 2.41.1 (#11402) * update changelog to 2.41.1 * update changelog to 2.41.1 --------- Co-authored-by: Paul Osinski --- docs/content/en/changelog/changelog.md | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/docs/content/en/changelog/changelog.md b/docs/content/en/changelog/changelog.md index 9c11d2f33ff..3d0c2c92292 100644 --- a/docs/content/en/changelog/changelog.md +++ b/docs/content/en/changelog/changelog.md 
@@ -7,9 +7,17 @@ Here are the release notes for **DefectDojo Pro (Cloud Version)**. These release For Open Source release notes, please see the [Releases page on GitHub](https://github.com/DefectDojo/django-DefectDojo/releases), or alternatively consult the Open Source [upgrate notes](../../open_source/upgrading/upgrading_guide). +## Dec 9, 2024: v2.41.1 + +- **(API)** When using the jira_finding_mappings API endpoint, trying to update a finding's Jira mapping with a Jira issue that is already assigned to another finding will now raise a validation error. +- **(Beta UI)** A Test's Import History is now paginated by default. +- **(Findings)** New Filter: 'Has Any JIRA' which accounts for Findings with single Issues or Findings that were pushed to Jira as part of a Group. +- **(Classic UI)** Filters have been added to the Product Type view. This is useful for when a single Product Type contains many Products which need to be filtered down. +- **(Classic UI)** Reported Finding Severity by Month graph now tracks the X axis by month correctly. + ## Dec 2, 2024: v2.41.0 -- **(Api)** `engagements/{id}/update_jira_epic` endpoint path added so that users can now push an updated Engagement to Jira, without creating a new Jira Epic. +- **(API)** `engagements/{id}/update_jira_epic` endpoint path added so that users can now push an updated Engagement to Jira, without creating a new Jira Epic. - **(Beta UI)** Columns can now be reordered in tables, by clicking and dragging the column header. ![image](images/reorder-columns.png) @@ -139,7 +147,7 @@ configuration fields. -## Sept 9, 2024: v2.39.1 +## Sept 9, 2024: v2.38.1 - **(Beta UI)** Clearing a date filter and re-applying it no longer throws a 400 error. - **(Dashboard)** Dashboard Tag Filters now work correctly in both legacy and beta UIs. From ade5c1594adc76deca06e47f51af6b3ff7807350 Mon Sep 17 00:00:00 2001 
From: Paul Osinski <42211303+paulOsinski@users.noreply.github.com> Date: Wed, 11 Dec 2024 13:11:30 -0500 Subject: [PATCH 04/10] [docs] rename case-sensitive refs so that site builds correctly (#11403) Co-authored-by: Paul Osinski --- ...loud_Manager.png => using_the_cloud_manager.png} | Bin ..._Manager_2.png => using_the_cloud_manager_2.png} | Bin ..._Manager_3.png => using_the_cloud_manager_3.png} | Bin ..._Manager_4.png => using_the_cloud_manager_4.png} | Bin .../en/cloud_management/using-cloud-manager.md | 10 +++++----- 5 files changed, 5 insertions(+), 5 deletions(-) rename docs/assets/images/{Using_the_Cloud_Manager.png => using_the_cloud_manager.png} (100%) rename docs/assets/images/{Using_the_Cloud_Manager_2.png => using_the_cloud_manager_2.png} (100%) rename docs/assets/images/{Using_the_Cloud_Manager_3.png => using_the_cloud_manager_3.png} (100%) rename docs/assets/images/{Using_the_Cloud_Manager_4.png => using_the_cloud_manager_4.png} (100%) diff --git a/docs/assets/images/Using_the_Cloud_Manager.png b/docs/assets/images/using_the_cloud_manager.png similarity index 100% rename from docs/assets/images/Using_the_Cloud_Manager.png rename to docs/assets/images/using_the_cloud_manager.png diff --git a/docs/assets/images/Using_the_Cloud_Manager_2.png b/docs/assets/images/using_the_cloud_manager_2.png similarity index 100% rename from docs/assets/images/Using_the_Cloud_Manager_2.png rename to docs/assets/images/using_the_cloud_manager_2.png diff --git a/docs/assets/images/Using_the_Cloud_Manager_3.png b/docs/assets/images/using_the_cloud_manager_3.png similarity index 100% rename from docs/assets/images/Using_the_Cloud_Manager_3.png rename to docs/assets/images/using_the_cloud_manager_3.png diff --git a/docs/assets/images/Using_the_Cloud_Manager_4.png b/docs/assets/images/using_the_cloud_manager_4.png similarity index 100% rename from docs/assets/images/Using_the_Cloud_Manager_4.png rename to docs/assets/images/using_the_cloud_manager_4.png 
diff --git a/docs/content/en/cloud_management/using-cloud-manager.md b/docs/content/en/cloud_management/using-cloud-manager.md index e676232bac6..671aa8958f9 100644 --- a/docs/content/en/cloud_management/using-cloud-manager.md +++ b/docs/content/en/cloud_management/using-cloud-manager.md @@ -16,11 +16,11 @@ This page allows you to request a [new, or additional Cloud instance](../set-up- The Subscription Management page shows all of your currently active Cloud instances, and allows you to configure the Firewall settings for each instance. ### Changing your Firewall Settings -![image](images/Using_the_Cloud_Manager.png) +![image](images/using_the_cloud_manager.png) Once on the **Edit Subscription** page, enter the IP Address, Mask, and Label for the rule you wish to add. If more than one firewall rule is needed, click **Add New Range** to create a new empty rule. -![image](images/Using_the_Cloud_Manager_2.png) +![image](images/using_the_cloud_manager_2.png) Here, you can also open your firewall to external services (GitHub & Jira Cloud). You can also disable your firewall entirely, if you wish, by selecting **Proceed Without Firewall** from the menu. @@ -37,14 +37,14 @@ Enter the email associated with the user's Cloud Portal account, and click Submi The Resources page contains a Contact Us form, which you can use to get in touch with our Support team. -![image](images/Using_the_Cloud_Manager_3.png) +![image](images/using_the_cloud_manager_3.png) ## Tools The Tools page is one of the places where you can download external Pro tools, such as Universal Importer or DefectDojo CLI. These tools are external add-ons which can be used to quickly build a command-line import pipeline in your network. For more information about these tools, see the [External Tools](../../connecting_your_tools/external_tools/) documentation. -![image](images/Using_the_Cloud_Manager_6.png) +![image](images/using_the_cloud_manager_6.png) ## Account Settings 
@@ -62,7 +62,7 @@ The account settings page has four sections:
 Note that this will only add MFA to your DefectDojo Cloud login, not to the login for your DefectDojo app.
-![image](images/Using_the_Cloud_Manager_4.png)
+![image](images/using_the_cloud_manager_4.png)
 1. Begin by installing an Authenticator app which supports QR code authentication on your smartphone or computer.
 2. Once you've done this, click **Generate QR Code**.
From 4b48bddeae09578e75b9e1251f3de5084b8ecec0 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Wed, 11 Dec 2024 21:22:49 +0100
Subject: [PATCH 05/10] fix(setEnv): remove debug from list (#11374)
---
 docker/setEnv.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/docker/setEnv.sh b/docker/setEnv.sh
index b9336535e39..41aa804c304 100755
--- a/docker/setEnv.sh
+++ b/docker/setEnv.sh
@@ -40,7 +40,7 @@ function get_current {
 # Tell to which environments we can switch
 function say_switch {
 echo "Using '${current_env}' configuration."
- for one_env in dev debug unit_tests integration_tests release
+ for one_env in dev unit_tests integration_tests release
 do
 if [ "${current_env}" != ${one_env} ]; then
 echo "-> You can switch to '${one_env}' with '${0} ${one_env}'"
@@ -118,7 +118,7 @@ function set_integration_tests {
 # Change directory to allow working with relative paths.
 cd "${target_dir}" || exit
-if [ ${#} -eq 1 ] && [[ 'dev debug unit_tests unit_tests_cicd integration_tests release' =~ ${1} ]]
+if [ ${#} -eq 1 ] && [[ 'dev unit_tests unit_tests_cicd integration_tests release' =~ ${1} ]]
 then
 set_"${1}"
 else
From b0e2819610cd104843ca717b04291e3a137d9c89 Mon Sep 17 00:00:00 2001
From: manuelsommer <47991713+manuel-sommer@users.noreply.github.com>
Date: Wed, 11 Dec 2024 21:23:34 +0100
Subject: [PATCH 06/10] :bug: fix RHS deduplication (#11385)
---
 dojo/settings/settings.dist.py | 2 ++
 1 file changed, 2 insertions(+)
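Review bot: The guard on the new `if` line still uses `=~`, so the unquoted `${1}` is an unanchored regular expression matched against the allow-list string: `./setEnv.sh unit` matches `unit_tests` and falls through to a call of the non-existent `set_unit`, and an argument such as `.` or `dev|x` passes the check as well. Because `set_"${1}"` is then executed as a command name, the test should be an exact whole-word match, e.g. `if [ ${#} -eq 1 ] && [[ " dev unit_tests unit_tests_cicd integration_tests release " == *" ${1} "* ]]`. The updated `say_switch` list in the first hunk still omits `unit_tests_cicd`, which the dispatch list accepts, so the two lists disagree about which environments exist; the `else` branch that reports bad input lies below the hunk.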
diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py
index dec586382fe..83794dfa22e 100644
--- a/dojo/settings/settings.dist.py
+++ b/dojo/settings/settings.dist.py
@@ -1289,6 +1289,7 @@ def saml2_attrib_map_format(dict):
 "Invicti Scan": ["title", "description", "severity"],
 "HackerOne Cases": ["title", "severity"],
 "KrakenD Audit Scan": ["description", "mitigation", "severity"],
+ "Red Hat Satellite": ["description", "severity"],
 }
 # Override the hardcoded settings here via the env var
@@ -1533,6 +1534,7 @@ def saml2_attrib_map_format(dict):
 "Invicti Scan": DEDUPE_ALGO_HASH_CODE,
 "KrakenD Audit Scan": DEDUPE_ALGO_HASH_CODE,
 "PTART Report": DEDUPE_ALGO_UNIQUE_ID_FROM_TOOL,
+ "Red Hat Satellite": DEDUPE_ALGO_HASH_CODE,
 }
 # Override the hardcoded settings here via the env var
From d7dff9e122cae5dd14a425acaefd46bf0c4d80be Mon Sep 17 00:00:00 2001
From: Julien Godin <40758407+JGodin-C2C@users.noreply.github.com>
Date: Thu, 12 Dec 2024 18:49:00 +0100
Subject: [PATCH 07/10] fix(oauth2): google oauth2 whitelisting. (#11372)
* Update release step3
* fix(oauth2): Fix google oauth2 whitelisting. The variable is a tuple and should be managed as such
Signed-off-by: Julien Godin
---------
Signed-off-by: Julien Godin
Co-authored-by: Cody Maffucci <46459665+Maffooch@users.noreply.github.com>
---
 .../integrations/social-authentication.md | 12 ++++++++++++
 dojo/settings/settings.dist.py | 4 ++--
 2 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/docs/content/en/open_source/archived_docs/integrations/social-authentication.md b/docs/content/en/open_source/archived_docs/integrations/social-authentication.md
index 97d052d4fac..db2a536f775 100644
--- a/docs/content/en/open_source/archived_docs/integrations/social-authentication.md
+++ b/docs/content/en/open_source/archived_docs/integrations/social-authentication.md
@@ -86,12 +86,24 @@ to be created. Closely follow the steps below to guarantee success.
 DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS = ['example.com', 'example.org']
 {{< /highlight >}}
+ As an environment variable:
+
+ {{< highlight python >}}
+ DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS = example.com,example.org
+ {{< /highlight >}}
+
 or
 {{< highlight python >}}
 DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_EMAILS = ['']
 {{< /highlight >}}
+ As an environment variable:
+
+ {{< highlight python >}}
+ DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_EMAILS = email@example.com,email2@example.com
+ {{< /highlight >}}
+
 ## OKTA
 In a similar fashion to that of Google, using OKTA as a OAuth2 provider
diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py
index 83794dfa22e..483688dcd4e 100644
--- a/dojo/settings/settings.dist.py
+++ b/dojo/settings/settings.dist.py
@@ -543,8 +543,8 @@ def generate_url(scheme, double_slashes, user, password, host, port, path, param
 GOOGLE_OAUTH_ENABLED = env("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_ENABLED")
 SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = env("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_KEY")
 SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = env("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET")
-SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS = env("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS")
-SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_EMAILS = env("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_EMAILS")
+SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS = tuple(env.list("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS", default=[""]))
+SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_EMAILS = tuple(env.list("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_EMAILS", default=[""]))
 SOCIAL_AUTH_LOGIN_ERROR_URL = "/login"
 SOCIAL_AUTH_BACKEND_ERROR_URL = "/login"
From 50af85d5c8c7d03c56fa9ae2c8f6ef38aa150e32 Mon Sep 17 00:00:00 2001
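Review bot: The new fallback `default=[""]` turns an unset allow-list into the one-element tuple `("",)`, which is truthy yet holds an entry no real domain or address can equal; whether the consumer of `SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_*` then treats it as "no allow-list" or as "deny everyone" is decided outside this hunk, and an explicitly empty variable most likely yields the same `[""]` through `env.list`. An empty default with blank and padded entries normalised away is unambiguous either way: `SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS = tuple(d.strip() for d in env.list("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS", default=[]) if d.strip())`, with the same shape for the e-mail list, which also protects an operator who writes `example.com, example.org` with a space after the comma. Because an empty allow-list means any Google account can complete login, a comment above these two lines should state that, e.g. `# Empty allow-lists place no restriction: any Google account may sign in. Set a domain or e-mail list in production.`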
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Sun, 15 Dec 2024 03:48:56 +0100
Subject: [PATCH 08/10] fix(helm): Unpin old HELM version (#11363)
---
 .github/workflows/release-x-manual-helm-chart.yml | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/release-x-manual-helm-chart.yml b/.github/workflows/release-x-manual-helm-chart.yml
index ee749cdc4a8..560e809e843 100644
--- a/.github/workflows/release-x-manual-helm-chart.yml
+++ b/.github/workflows/release-x-manual-helm-chart.yml
@@ -46,10 +46,8 @@ jobs:
 git config --global user.name "${{ env.GIT_USERNAME }}"
 git config --global user.email "${{ env.GIT_EMAIL }}"
- - name: Install Helm
- uses: azure/setup-helm@v4
- with:
- version: v3.4.0
+ - name: Set up Helm
+ uses: azure/setup-helm@v4.2.0
 - name: Configure HELM repos
 run: |-
From 6c70cca2c04550361f56743816aa1fc70056160c Mon Sep 17 00:00:00 2001
From: DefectDojo release bot
Date: Mon, 16 Dec 2024 15:25:59 +0000
Subject: [PATCH 09/10] Update versions in application files
---
 components/package.json | 2 +-
 dojo/__init__.py | 2 +-
 helm/defectdojo/Chart.yaml | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/components/package.json b/components/package.json
index febe451775d..590f1cb37e0 100644
--- a/components/package.json
+++ b/components/package.json
@@ -1,6 +1,6 @@
 {
 "name": "defectdojo",
- "version": "2.42.0-dev",
+ "version": "2.41.2",
 "license" : "BSD-3-Clause",
 "private": true,
 "dependencies": {
diff --git a/dojo/__init__.py b/dojo/__init__.py
index f8e01957497..7edf826dd58 100644
--- a/dojo/__init__.py
+++ b/dojo/__init__.py
@@ -4,6 +4,6 @@
 # Django starts so that shared_task will use this app.
 from .celery import app as celery_app # noqa: F401
-__version__ = "2.41.1"
+__version__ = "2.41.2"
 __url__ = "https://github.com/DefectDojo/django-DefectDojo"
 __docs__ = "https://documentation.defectdojo.com"
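Review bot: Dropping `version: v3.4.0` without a replacement leaves the Helm binary to whatever `azure/setup-helm` resolves by default, and `uses: azure/setup-helm@v4.2.0` pins the action only by a mutable tag, so a release workflow that packages and publishes the chart now floats on two inputs that can change between runs. Pin the action to the commit SHA behind the tag, keeping the tag as a trailing comment, and pass an explicit Helm release so chart packaging stays reproducible, e.g. `uses: azure/setup-helm@<commit-sha> # v4.2.0` followed by `with:` and `version: v3.16.3` (or whichever release the chart is tested against). The `run: |-` block of the next step and the rest of the job continue below the hunk.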
diff --git a/helm/defectdojo/Chart.yaml b/helm/defectdojo/Chart.yaml
index d7568f8d5d8..f76daab65f6 100644
--- a/helm/defectdojo/Chart.yaml
+++ b/helm/defectdojo/Chart.yaml
@@ -1,8 +1,8 @@
 apiVersion: v2
-appVersion: "2.42.0-dev"
+appVersion: "2.41.2"
 description: A Helm chart for Kubernetes to install DefectDojo
 name: defectdojo
-version: 1.6.164-dev
+version: 1.6.164
 icon: https://www.defectdojo.org/img/favicon.ico
 maintainers:
 - name: madchap
From ceee3df0d990a8596e0f949d39d16364a82e6535 Mon Sep 17 00:00:00 2001
From: DefectDojo release bot
Date: Mon, 16 Dec 2024 16:04:37 +0000
Subject: [PATCH 10/10] Update versions in application files
---
 components/package.json | 2 +-
 dojo/__init__.py | 2 +-
 helm/defectdojo/Chart.yaml | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/components/package.json b/components/package.json
index 590f1cb37e0..febe451775d 100644
--- a/components/package.json
+++ b/components/package.json
@@ -1,6 +1,6 @@
 {
 "name": "defectdojo",
- "version": "2.41.2",
+ "version": "2.42.0-dev",
 "license" : "BSD-3-Clause",
 "private": true,
 "dependencies": {
diff --git a/dojo/__init__.py b/dojo/__init__.py
index 7edf826dd58..033e2fc2894 100644
--- a/dojo/__init__.py
+++ b/dojo/__init__.py
@@ -4,6 +4,6 @@
 # Django starts so that shared_task will use this app.
 from .celery import app as celery_app # noqa: F401
-__version__ = "2.41.2"
+__version__ = "2.42.0-dev"
 __url__ = "https://github.com/DefectDojo/django-DefectDojo"
 __docs__ = "https://documentation.defectdojo.com"
diff --git a/helm/defectdojo/Chart.yaml b/helm/defectdojo/Chart.yaml
index f76daab65f6..ab66f338320 100644
--- a/helm/defectdojo/Chart.yaml
+++ b/helm/defectdojo/Chart.yaml
@@ -1,8 +1,8 @@
 apiVersion: v2
-appVersion: "2.41.2"
+appVersion: "2.42.0-dev"
 description: A Helm chart for Kubernetes to install DefectDojo
 name: defectdojo
-version: 1.6.164
+version: 1.6.165-dev
 icon: https://www.defectdojo.org/img/favicon.ico
 maintainers:
 - name: madchap