Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[docs] Pro Changelog - 2.41.3 #11463

Closed
wants to merge 4 commits into from
Closed

[docs] Pro Changelog - 2.41.3 #11463

wants to merge 4 commits into from

Conversation

paulOsinski
Copy link
Contributor

No description provided.

@github-actions github-actions bot added the docs label Dec 23, 2024
@dryrunsecurity DryRunSecurity
Copy link

DryRun Security Summary

The pull request updates DefectDojo Pro's documentation and configuration files, adding a new "Changelog" menu item, improving API functionality, and enhancing the user interface with a focus on security features like finding hash code recalculation and accessibility improvements.

Expand for full summary

Summary:

The code changes in this pull request focus on updates to the documentation and configuration files for the DefectDojo Pro (Cloud Version) application. The changes include adding a new "Changelog" menu item, improving the API functionality, and enhancing the user interface of the beta version.

From an application security perspective, the most notable change is the addition of the ability to recalculate hash codes for findings via the API. This feature can help improve the accuracy of deduplication, which is an important security control to prevent duplicate vulnerabilities from being tracked and potentially overlooked. The detailed explanation provided in the changelog is also a good example of how to communicate complex technical changes to users in a clear and helpful manner.

Additionally, the code changes include updates to the accessibility of SVG icons, the validation of external links, and the management of the Content Security Policy (CSP) to ensure that the documentation and configuration files do not introduce any potential security vulnerabilities.

Files Changed:

  1. docs/config/_default/menus/menus.en.toml: This file has been updated to add a new "Changelog" menu item with a corresponding URL and weight. The code includes SVG icons for social media links, which should be reviewed for proper accessibility and CSP considerations.

  2. docs/content/en/changelog/changelog.md: This file has been updated to document several new features and improvements to the DefectDojo Pro (Cloud Version) application, including API enhancements, beta UI improvements, and tool-specific deduplication changes. The addition of the ability to recalculate hash codes for findings via the API is a notable security-related improvement.

Code Analysis

We ran 9 analyzers against 2 files and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

@paulOsinski paulOsinski changed the title [docs] Pro Changelog - 2.41.4 [docs] Pro Changelog - 2.41.3 Dec 23, 2024
@paulOsinski paulOsinski marked this pull request as ready for review December 23, 2024 22:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
docs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@paulOsinski