Readme docs - followup PR #11525
DryRun Security Summary

The pull request updates DefectDojo's documentation, enables LDAP authentication, and improves API documentation while maintaining security best practices.

Summary: The code changes in this pull request primarily focus on updating the documentation and enabling LDAP authentication in the DefectDojo application. The changes do not introduce any obvious security vulnerabilities and follow standard practices for integrating LDAP authentication in a Django-based web application. The key updates include:

From an application security perspective, these changes are generally positive, as they improve the documentation, align the API documentation with industry standards, and provide a secure way to integrate LDAP authentication. However, it is crucial to ensure that the LDAP-related configuration, such as the server URI, bind DN, and bind password, is properly secured and not exposed in the codebase or deployment environment.

Files Changed:

Code Analysis

We ran

This pull request has conflicts, please resolve those before we can evaluate the pull request.

Conflicts have been resolved. A maintainer will review the pull request shortly.
Approved
* Bump vite from 6.0.7 to 6.0.9 in /docs (#11610)

  Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 6.0.7 to 6.0.9.
  - [Release notes](https://github.com/vitejs/vite/releases)
  - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
  - [Commits](https://github.com/vitejs/vite/commits/v6.0.9/packages/vite)

  ---
  updated-dependencies:
  - dependency-name: vite
    dependency-type: direct:development
  ...

  Signed-off-by: dependabot[bot] <[email protected]>
  Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Pro Release Notes 2.42.2 (#11611)

  * update changelog 2.42.2
  * add additional 2.42.1 features

  ---------

  Co-authored-by: Paul Osinski <[email protected]>

* Update .dryrunsecurity.yaml (#11617)

* Readme docs - followup PR (#11525)

  * follow on to readme update
  * remove broken /pricing link
  * chg local_settings refs ldap-authentication.md

  ---------

  Co-authored-by: Paul Osinski <[email protected]>

* Bump asteval from 1.0.5 to 1.0.6

  Bumps [asteval](https://github.com/lmfit/asteval) from 1.0.5 to 1.0.6.
  - [Release notes](https://github.com/lmfit/asteval/releases)
  - [Commits](lmfit/asteval@1.0.5...1.0.6)

  ---
  updated-dependencies:
  - dependency-name: asteval
    dependency-type: direct:production
  ...

  Signed-off-by: dependabot[bot] <[email protected]>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Paul Osinski <[email protected]>
Co-authored-by: Paul Osinski <[email protected]>
Co-authored-by: Cody Maffucci <[email protected]>
Addresses @cneill's comments on my previous PR here #11516 (review)