fix conflicts

.github/workflows/build-docker-images-for-testing.yml

@@ -37,6 +37,8 @@ jobs:
         id: docker_build
         uses: docker/build-push-action@v6
         timeout-minutes: 10
+        env:
+          DOCKER_BUILD_CHECKS_ANNOTATIONS: false
         with:
           context: .
           push: false
@@ -53,4 +55,4 @@ jobs:
         with:
           name: ${{ matrix.docker-image }}
           path: ${{ matrix.docker-image }}-${{ matrix.os }}_img
-          retention-days: 1
+          retention-days: 1

.github/workflows/k8s-tests.yml

@@ -28,7 +28,7 @@ jobs:
           # are tested (https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html#available-versions)
           - databases: pgsql
             brokers: redis
-            k8s: 'v1.26.11'
+            k8s: 'v1.30.3'
             os: debian
     steps:
       - name: Checkout
@@ -37,7 +37,7 @@ jobs:
       - name: Setup Minikube
         uses: manusa/[email protected]
         with:
-          minikube version: 'v1.31.2'
+          minikube version: 'v1.33.1'
           kubernetes version: ${{ matrix.k8s }}
           driver: docker
           start args: '--addons=ingress --cni calico'
@@ -70,26 +70,28 @@ jobs:
               echo "pgsql=${{ env.HELM_PG_DATABASE_SETTINGS }}" >> $GITHUB_ENV
               echo "redis=${{ env.HELM_REDIS_BROKER_SETTINGS }}" >> $GITHUB_ENV
 
-      - name: Deploying Djano application with ${{ matrix.databases }} ${{ matrix.brokers }}
-        timeout-minutes: 10 
+      - name: Deploying Django application with ${{ matrix.databases }} ${{ matrix.brokers }}
+        timeout-minutes: 15 
         run: |-
              helm install \
                --timeout 800s \
+               --wait \
+               --wait-for-jobs \
                defectdojo \
                ./helm/defectdojo \
                --set django.ingress.enabled=true \
                --set imagePullPolicy=Never \
                ${{ env[matrix.databases] }} \
                ${{ env[matrix.brokers] }} \
                --set createSecret=true \
-               --set tag=${{ matrix.os }} \
-               # --set imagePullSecrets=defectdojoregistrykey
+               --set tag=${{ matrix.os }}
 
       - name: Check deployment status
+        if: always()
         run: |-
-             kubectl get pods
-             kubectl get ingress
-             kubectl get services
+             kubectl get all,ingress  # all = pods, services, deployments, replicasets, statefulsets, jobs
+             helm status defectdojo
+             helm history defectdojo
 
       - name: Check Application
         timeout-minutes: 10

.github/workflows/release-x-manual-docker-containers.yml

@@ -65,6 +65,7 @@ jobs:
         if: ${{ matrix.os  == 'debian' }}
         uses: docker/build-push-action@v6
         env:
+          DOCKER_BUILD_CHECKS_ANNOTATIONS: false
           REPO_ORG: ${{ env.repoorg }}
           docker-image: ${{ matrix.docker-image }}
         with:
@@ -79,6 +80,7 @@ jobs:
         if: ${{ matrix.os  == 'alpine' }}
         uses: docker/build-push-action@v6
         env:
+          DOCKER_BUILD_CHECKS_ANNOTATIONS: false
           REPO_ORG: ${{ env.repoorg }}
           docker-image: ${{ matrix.docker-image }}
         with:

Dockerfile.integration-tests-debian

@@ -1,7 +1,7 @@
 
 # code: language=Dockerfile
 
-FROM openapitools/openapi-generator-cli:v7.7.0@sha256:99924315933d49e7b33a7d2074bb2b64fc8def8f74519939036e24eb48f00336 AS openapitools
+FROM openapitools/openapi-generator-cli:v7.8.0@sha256:c409bfa9b276faf27726d2884b859d18269bf980cb63546e80b72f3b2648c492 AS openapitools
 FROM python:3.11.9-slim-bookworm@sha256:8c1036ec919826052306dfb5286e4753ffd9d5f6c24fbc352a5399c3b405b57e AS build
 WORKDIR /app
 RUN \
@@ -25,8 +25,13 @@ RUN pip install --no-cache-dir selenium==4.9.0 requests
 
 # Install the latest Google Chrome stable release
 WORKDIR /opt/chrome
+
+# TODO: figure out whatever fix is necessary to use Chrome >= 128 and put this back in the RUN below so we stay
+# up-to-date
+# chrome_url=$(curl https://googlechromelabs.github.io/chrome-for-testing/last-known-good-versions-with-downloads.json | jq -r '.channels[] | select(.channel == "Stable") | .downloads.chrome[] | select(.platform == "linux64").url') && \
+
 RUN \
-  chrome_url=$(curl https://googlechromelabs.github.io/chrome-for-testing/last-known-good-versions-with-downloads.json | jq -r '.channels[] | select(.channel == "Stable") | .downloads.chrome[] | select(.platform == "linux64").url') && \
+  chrome_url="https://storage.googleapis.com/chrome-for-testing-public/127.0.6533.119/linux64/chrome-linux64.zip" && \
   wget $chrome_url && \
   unzip chrome-linux64.zip && \
   rm -rf chrome-linux64.zip && \
@@ -49,8 +54,12 @@ RUN apt-get install -y libxi6 libgconf-2-4 jq libjq1 libonig5 libxkbcommon0 libx
 
 # Installing the latest stable Google Chrome driver release
 WORKDIR /opt/chrome-driver
+# TODO: figure out whatever fix is necessary to use Chrome >= 128 and put this back in the RUN below so we stay
+# up-to-date
+# chromedriver_url=$(curl https://googlechromelabs.github.io/chrome-for-testing/last-known-good-versions-with-downloads.json | jq -r '.channels[] | select(.channel == "Stable") | .downloads.chromedriver[] | select(.platform == "linux64").url') && \
+
 RUN \
-  chromedriver_url=$(curl https://googlechromelabs.github.io/chrome-for-testing/last-known-good-versions-with-downloads.json | jq -r '.channels[] | select(.channel == "Stable") | .downloads.chromedriver[] | select(.platform == "linux64").url') && \
+  chromedriver_url="https://storage.googleapis.com/chrome-for-testing-public/127.0.6533.119/linux64/chromedriver-linux64.zip" && \
   wget $chromedriver_url && \
   unzip -j chromedriver-linux64.zip chromedriver-linux64/chromedriver && \
   rm -rf chromedriver-linux64.zip && \

NOTICE

@@ -1,7 +1,7 @@
 DefectDojo is licensed under the 3-Clause BSD License: https://github.com/DefectDojo/django-DefectDojo/blob/master/LICENSE.md
 
 
-However, DefectDojo’s dependencies may have different licensing requirements and terms.
+However, DefectDojo's dependencies may have different licensing requirements and terms.
 Complete source code for DefectDojo dependencies are made available on PyPi: https://pypi.org/ 
 
 THIRD-PARTY SOFTWARE NOTICES FOR DEFECTDOJO

README.md

@@ -144,7 +144,7 @@ Moderators can help you with pull requests or feedback on dev ideas:
 * Valentijn Scholten ([@valentijnscholten](https://github.com/valentijnscholten) |
   [Sponsor](https://github.com/sponsors/valentijnscholten) |
   [LinkedIn](https://www.linkedin.com/in/valentijn-scholten/)) - Valentijn served as a core moderator for 3 years.
-  Valentijn’s contributions were numerous and extensive. He overhauled, improved, and optimized many parts of the
+  Valentijn's contributions were numerous and extensive. He overhauled, improved, and optimized many parts of the
   codebase. He consistently fielded questions, provided feedback on pull requests, and provided a helping hand wherever
   it was needed.
 * Fred Blaise ([@madchap](https://github.com/madchap) | [LinkedIn](https://www.linkedin.com/in/fredblaise/)) - Fred

components/package.json

@@ -1,6 +1,6 @@
 {
   "name": "defectdojo",
-  "version": "2.37.0",
+  "version": "2.38.2",
   "license" : "BSD-3-Clause",
   "private": true,
   "dependencies": {
@@ -35,7 +35,7 @@
     "metismenu": "~3.0.7",
     "moment": "^2.30.1",
     "morris.js": "morrisjs/morris.js",
-    "pdfmake": "^0.2.10",
+    "pdfmake": "^0.2.12",
     "startbootstrap-sb-admin-2": "1.0.7"
   },
   "engines": {

components/yarn.lock

@@ -536,10 +536,15 @@ pako@~1.0.2:
   resolved "https://registry.yarnpkg.com/pako/-/pako-1.0.11.tgz#6c9599d340d54dfd3946380252a35705a6b992bf"
   integrity sha512-4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw==
 
-pdfmake@^0.2.10:
-  version "0.2.10"
-  resolved "https://registry.yarnpkg.com/pdfmake/-/pdfmake-0.2.10.tgz#a8a0ee8a5acca8f5d728e0dfe4db8be5f1b9ec6b"
-  integrity sha512-doipFnmE1UHSk+Z3wfQuVweVQqx2pE/Ns2G5gCqZmWwqjDj+mZHnZYH/ryXWoIfD+iVdZUAutgI/VHkTCN+Xrw==
+path-parse@^1.0.7:
+  version "1.0.7"
+  resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735"
+  integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==
+
+pdfmake@^0.2.12:
+  version "0.2.12"
+  resolved "https://registry.yarnpkg.com/pdfmake/-/pdfmake-0.2.12.tgz#5156f91ff73797947942aa342423bedaa0c0bc93"
+  integrity sha512-TFsqaG6KVtk+TWermmJNNwom3wmB/xiz07prM74KBhdM+7pz3Uwq2b0uoqhhQRn6cYUTpL8lXZY6xF011o1YcQ==
   dependencies:
     "@foliojs-fork/linebreak" "^1.1.1"
     "@foliojs-fork/pdfkit" "^0.14.0"

docker-compose.override.dev.yml

@@ -5,26 +5,30 @@ services:
     volumes:
       - '.:/app:z'
     environment:
-      PYTHONWARNINGS: always  # We are strict during development so Warnings needs to be more verbose
+      PYTHONWARNINGS: error  # We are strict about Warnings during development
+      DD_DEBUG: 'True'
       DD_ADMIN_USER: "${DD_ADMIN_USER:-admin}"
       DD_ADMIN_PASSWORD: "${DD_ADMIN_PASSWORD:-admin}"
       DD_EMAIL_URL: "smtp://mailhog:1025"
   celeryworker:
     volumes:
       - '.:/app:z'
     environment:
-      PYTHONWARNINGS: always  # We are strict during development so Warnings needs to be more verbose
+      PYTHONWARNINGS: error  # We are strict about Warnings during development
+      DD_DEBUG: 'True'
       DD_EMAIL_URL: "smtp://mailhog:1025"
   celerybeat:
     volumes:
       - '.:/app:z'
     environment:
-      PYTHONWARNINGS: always  # We are strict during development so Warnings needs to be more verbose
+      PYTHONWARNINGS: error  # We are strict about Warnings during development
+      DD_DEBUG: 'True'
   initializer:
     volumes:
       - '.:/app:z'
     environment:
-      PYTHONWARNINGS: always  # We are strict during development so Warnings needs to be more verbose
+      PYTHONWARNINGS: error  # We are strict about Warnings during development
+      DD_DEBUG: 'True'
       DD_ADMIN_USER: "${DD_ADMIN_USER:-admin}"
       DD_ADMIN_PASSWORD: "${DD_ADMIN_PASSWORD:-admin}"
   nginx:

docker-compose.yml

@@ -103,7 +103,7 @@ services:
           source: ./docker/extra_settings
           target: /app/docker/extra_settings
   postgres:
-    image: postgres:16.3-alpine@sha256:36ed71227ae36305d26382657c0b96cbaf298427b3f1eaeb10d77a6dea3eec41
+    image: postgres:16.4-alpine@sha256:492898505cb45f9835acc327e98711eaa9298ed804e0bb36f29e08394229550d
     environment:
       POSTGRES_DB: ${DD_DATABASE_NAME:-defectdojo}
       POSTGRES_USER: ${DD_DATABASE_USER:-defectdojo}

docker/entrypoint-unit-tests-devDocker.sh

@@ -54,10 +54,11 @@ EOF
 echo "Unit Tests"
 echo "------------------------------------------------------------"
 
-python3 manage.py test unittests -v 3 --keepdb --no-input --failfast --shuffle --parallel --exclude-tag="non-parallel" || {
+# Removing parallel and shuffle for now to maintain stability
+python3 manage.py test unittests -v 3 --keepdb --no-input --exclude-tag="non-parallel" || {
     exit 1; 
 }
-python3 manage.py test unittests -v 3 --keepdb --no-input --failfast --shuffle --tag="non-parallel" || {
+python3 manage.py test unittests -v 3 --keepdb --no-input --tag="non-parallel" || {
     exit 1; 
 }
 

docker/entrypoint-unit-tests.sh

@@ -80,9 +80,10 @@ python3 manage.py migrate
 echo "Unit Tests"
 echo "------------------------------------------------------------"
 
-python3 manage.py test unittests -v 3 --keepdb --no-input --failfast --shuffle --parallel --exclude-tag="non-parallel" || {
+# Removing parallel and shuffle for now to maintain stability
+python3 manage.py test unittests -v 3 --keepdb --no-input --exclude-tag="non-parallel" || {
     exit 1; 
 }
-python3 manage.py test unittests -v 3 --keepdb --no-input --failfast --shuffle --tag="non-parallel" || {
+python3 manage.py test unittests -v 3 --keepdb --no-input --tag="non-parallel" || {
     exit 1; 
 }

docker/install_chrome_dependencies.py

@@ -18,7 +18,7 @@ def find_packages(library_name):
 
 
 def run_command(cmd, cwd=None, env=None):
-    result = subprocess.run(cmd, cwd=cwd, env=env, capture_output=True, text=True)
+    result = subprocess.run(cmd, cwd=cwd, env=env, capture_output=True, text=True, check=False)
     return result.stdout
 
 
@@ -27,7 +27,7 @@ def ldd(file_path):
     # For simplicity, I'm assuming if we get an error, the code is non-zero.
     try:
         result = subprocess.run(
-            ["ldd", file_path], capture_output=True, text=True,
+            ["ldd", file_path], capture_output=True, text=True, check=False,
         )
         stdout = result.stdout
         code = result.returncode

docker/setEnv.sh

@@ -5,7 +5,6 @@
 target_dir="${0%/*}/.."
 override_link='docker-compose.override.yml'
 override_file_dev='docker-compose.override.dev.yml'
-override_file_debug='docker-compose.override.debug.yml'
 override_file_unit_tests='docker-compose.override.unit_tests.yml'
 override_file_unit_tests_cicd='docker-compose.override.unit_tests_cicd.yml'
 override_file_integration_tests='docker-compose.override.integration_tests.yml'
@@ -77,19 +76,6 @@ function set_dev {
     fi
 }
 
-function set_debug {
-    get_current
-    if [ "${current_env}" != debug ]
-    then
-        docker compose down
-        rm -f ${override_link}
-        ln -s ${override_file_debug} ${override_link}
-        echo "Now using 'debug' configuration."
-    else
-        echo "Already using 'debug' configuration."
-    fi
-}
-
 function set_unit_tests {
     get_current
     if [ "${current_env}" != unit_tests ]

docs/content/en/_index.md

@@ -40,7 +40,7 @@ The open-source edition is [available on
 GitHub](https://github.com/DefectDojo/django-DefectDojo).
 
 A running example is available on [our demo server](https://demo.defectdojo.org),
-using the credentials `admin` / `defectdojo@demo#appsec`. Note: The demo
+using the credentials `admin` / `1Defectdojo@demo#appsec`. Note: The demo
 server is refreshed regularly and provisioned with some sample data.
 
 ### DefectDojo Pro and Enterprise

docs/content/en/contributing/documentation.md

@@ -14,7 +14,7 @@ Static files for the webside are build with github actions and are publish in th
 
 2. Install JavaScript packages
 
-    To build or update your site’s CSS resources, you also need PostCSS to create the final assets. If you need to install it, you must have a recent version of NodeJS installed on your machine so you can use npm, the Node package manager. By default, npm installs tools under the directory where you run npm install:
+    To build or update your site's CSS resources, you also need PostCSS to create the final assets. If you need to install it, you must have a recent version of NodeJS installed on your machine so you can use npm, the Node package manager. By default, npm installs tools under the directory where you run npm install:
 
     {{< highlight bash >}}
     cd docs

docs/content/en/contributing/how-to-write-a-parser.md

@@ -94,7 +94,7 @@ class MyToolParser(object):
 
 ## API Parsers
 
-DefectDojo has a limited number of API parsers. While we won’t remove these connectors, adding API connectors has been problematic and thus we cannot accept new API parsers / connectors from the community at this time for supportability reasonsing. To maintain a high quality API connector, it is necessary to have a license to the tool. To get that license requires partnership with the author or vendor. We're close to announcing a new program to help address this and bring API connectors to DefectDojo.
+DefectDojo has a limited number of API parsers. While we won't remove these connectors, adding API connectors has been problematic and thus we cannot accept new API parsers / connectors from the community at this time for supportability reasonsing. To maintain a high quality API connector, it is necessary to have a license to the tool. To get that license requires partnership with the author or vendor. We're close to announcing a new program to help address this and bring API connectors to DefectDojo.
 
 ## Template Generator
 

docs/content/en/getting_started/upgrading/2.37.md

@@ -14,4 +14,4 @@ MySQL and RabbitMQ have been removed from the following places:
 - Helm Chart
 - Unit/Integration CI/CD Tests
 
-There are no other special instructions for upgrading to 2.37.x. Check the [Release Notes](https://github.com/DefectDojo/django-DefectDojo/releases/tag/2.36.0) for the contents of the release.
+There are no other special instructions for upgrading to 2.37.x. Check the [Release Notes](https://github.com/DefectDojo/django-DefectDojo/releases/tag/2.37.0) for the contents of the release.