Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update Pro changelog 2.42.0 #11518

Merged
merged 6 commits into from
Jan 14, 2025
Merged

update Pro changelog 2.42.0 #11518

merged 6 commits into from
Jan 14, 2025

Conversation

paulOsinski
Copy link
Contributor

Updating Pro release notes with new features.

@github-actions github-actions bot added the docs label Jan 6, 2025
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Jan 6, 2025
edited
Loading

DryRun Security Summary

The GitHub pull request updates DefectDojo documentation across multiple sections, focusing on improving user guidance, report generation, Jira integration, and providing clearer instructions for using the application's features while maintaining administrative and security-oriented improvements.

Expand for full summary

Summary:

This GitHub pull request contains several updates to the documentation for the DefectDojo application, including changes to the "Working with Generated Reports", "Send Findings To Jira", "Using the Report Builder", and "Changelog" sections. The changes are primarily focused on improving the user experience, providing clearer guidance, and enhancing the integration between DefectDojo and other tools like Jira.

From an application security perspective, the changes do not introduce any obvious security vulnerabilities. The documentation updates are administrative in nature and do not directly impact the security of the DefectDojo application itself. However, the changes related to the API payload customization and Jira integration updates are noteworthy, as they can help improve the overall security posture of the application by reducing the risk of sensitive information leakage and ensuring that external issue tracking systems accurately reflect the current state of security findings.

Overall, this pull request appears to be a positive contribution to the DefectDojo documentation, providing users with more comprehensive guidance and improving the integration between security testing tools and issue tracking systems.

Files Changed:

  1. docs/content/en/share_your_findings/pro_reports/working_with_generated_reports.md:

    • The section has been renamed to "Templates and Historical Reports".
    • The changes provide guidance on using report templates, re-running existing reports, and deleting old or unused reports.

  2. docs/content/en/share_your_findings/jira_integration/_index.md:

    • The title and description of the "Connect To Jira" documentation page have been updated to "Send Findings To Jira".
    • The changes focus on providing guidance on integrating DefectDojo with Jira to send security findings.

  3. docs/content/en/share_your_findings/pro_reports/using_the_report_builder.md:

    • The documentation for the "Using the Report Builder" feature has been reorganized and expanded, adding new sections and details.
    • The changes include information on publishing, viewing, and exporting reports, as well as a new "Report Widget Index" section.

  4. docs/content/en/changelog/changelog.md:

    • The changes include improvements to the DefectDojo Pro (Cloud Version) application, such as API enhancements, UI updates, and Jira integration improvements.
    • The most notable security-related changes are the API payload customization and the automatic update of Jira Group issues when a Risk Acceptance expires.

Code Analysis

We ran 9 analyzers against 5 files and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

mtesauro
mtesauro approved these changes Jan 8, 2025
View reviewed changes
Copy link
Contributor

@mtesauro mtesauro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved

@mtesauro mtesauro merged commit 65d3bc2 into DefectDojo:master Jan 14, 2025
72 of 73 checks passed
@paulOsinski paulOsinski deleted the releasenotes branch January 14, 2025 19:48
Maffooch pushed a commit that referenced this pull request Jan 15, 2025
@dependabot @paulOsinski
Bump django from 5.1.4 to 5.1.5 (#11567)
d6d1b55 
* update Pro changelog 2.42.0 (#11518)

* update Pro changelog 2.42.0

* qa 'share your Findings'

* changelog 2.42.2

* fix typo working_with_generated_reports.md

---------

Co-authored-by: Paul Osinski <[email protected]>

* Bump django from 5.1.4 to 5.1.5

Bumps [django](https://github.com/django/django) from 5.1.4 to 5.1.5.
- [Commits](django/django@5.1.4...5.1.5)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: Paul Osinski <[email protected]>
Co-authored-by: Paul Osinski <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Maffooch Maffooch Maffooch approved these changes

@hblankenship hblankenship hblankenship approved these changes

@mtesauro mtesauro mtesauro approved these changes

@cneill cneill cneill approved these changes

@grendel513 grendel513 grendel513 approved these changes

Assignees
No one assigned
Labels
docs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@paulOsinski @grendel513 @cneill @mtesauro @hblankenship @Maffooch