DefectDojo / django-DefectDojo

DevSecOps, ASPM, Vulnerability Management. All on one platform.
https://defectdojo.com
BSD 3-Clause "New" or "Revised" License
3.49k stars 1.48k forks

Release: Merge back 2.35.4 into bugfix from: master-into-bugfix/2.35.4-2.36.0-dev #10451

Closed github-actions[bot] closed 1 week ago

github-actions[bot] commented 1 week ago

Release triggered by blakeaowens

dryrunsecurity[bot] commented 1 week ago

Hi there :wave:, @dryrunsecurity here, below is a summary of our analysis and findings.

| DryRun Security | Status | Findings |
| --- | --- | --- |
| Server-Side Request Forgery Analyzer | :white_check_mark: | 0 findings |
| Configured Codepaths Analyzer | :white_check_mark: | 0 findings |
| IDOR Analyzer | :white_check_mark: | 0 findings |
| Sensitive Files Analyzer | :white_check_mark: | 0 findings |
| SQL Injection Analyzer | :white_check_mark: | 0 findings |
| Authn/Authz Analyzer | :white_check_mark: | 0 findings |
| Secrets Analyzer | :white_check_mark: | 0 findings |

[!Note] :green_circle: Risk threshold not exceeded.

Change Summary

The following is a summary of changes in this pull request made by me, your security buddy :robot:. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective.

**Summary:** The changes in this GitHub Pull Request are focused on updating the version of the DefectDojo Helm chart from `1.6.136-dev` to `1.6.137-dev`. This is a minor version update and does not directly introduce any security-related concerns. However, it's important to ensure that the versions of the dependent Bitnami Helm charts (for MySQL, PostgreSQL, RabbitMQ, and Redis) are up-to-date and do not contain any known security vulnerabilities. Regular security audits and updates of the dependencies should be part of the overall application security process.

Additionally, when deploying the DefectDojo application, it's crucial to follow the recommended security best practices, such as properly configuring the supporting services, implementing appropriate authentication and authorization mechanisms, regularly monitoring the application and its dependencies for security updates, and conducting regular security assessments and penetration testing.

**Files Changed:**

- `helm/defectdojo/Chart.yaml`: This file contains the metadata for the DefectDojo Helm chart, including the version, description, maintainers, and dependencies. The changes in this Pull Request update the chart version from `1.6.136-dev` to `1.6.137-dev`.

Powered by DryRun Security