Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Changelog update 2.42.3 + fix docs image refs #11679

Merged
merged 3 commits into from
Jan 29, 2025
Merged

Changelog update 2.42.3 + fix docs image refs #11679

merged 3 commits into from
Jan 29, 2025

Conversation

paulOsinski
Copy link
Contributor

  • Updating changelog for 2.42.3
  • Changing heading format so that sidebar is easier to navigate across versions
  • fixing broken image refs that were preventing site update

@github-actions github-actions bot added the docs label Jan 27, 2025
@dryrunsecurity DryRunSecurity
Copy link

DryRun Security Summary

The pull request updates DefectDojo's API v2 documentation and changelog, focusing on security improvements including API key management, authentication methods, and various security-related enhancements for the Pro version while emphasizing secure development practices.

Expand for full summary

Summary:

The code changes in this pull request focus on updating the documentation for the DefectDojo API v2. The key updates include providing information on how to generate API keys, interact with the API using the Swagger UI, and leverage alternative authentication methods. From a security perspective, these changes are positive as they highlight the importance of secure API key management, the ability to use alternative authentication methods, and the versioning of the API to allow for breaking changes without impacting existing integrations.

The changelog also covers several security-related changes and improvements to the DefectDojo Pro (Cloud Version) application, such as the addition of severity-based filtering for connectors, limiting API payloads, proper RBAC implementation, audit trails for risk acceptance, and secure configurations for multiple AWS Security Hub accounts. These changes demonstrate a security-conscious approach to the development and maintenance of the DefectDojo application.

Files Changed:

  1. docs/content/en/api/api-v2-docs.md: This file has been updated to provide comprehensive documentation for the DefectDojo API v2, including information on generating API keys, using the Swagger UI, and leveraging alternative authentication methods. The documentation emphasizes the importance of secure API key management and the ability to use SSO for authentication.

  2. docs/content/en/changelog/changelog.md: This file has been updated to include several security-related changes and improvements to the DefectDojo Pro (Cloud Version) application, such as severity-based filtering for connectors, limiting API payloads, proper RBAC implementation, audit trails for risk acceptance, and secure configurations for multiple AWS Security Hub accounts. These changes demonstrate a strong focus on application security.

Code Analysis

We ran 9 analyzers against 3 files and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

@dryrunsecurity DryRunSecurity
Copy link

DryRun Security Summary

The pull request updates DefectDojo's API v2 documentation and changelog, focusing on security improvements including API key management, authentication methods, and various security enhancements for the Pro version while emphasizing secure development practices.

Expand for full summary

Summary:

The code changes in this pull request focus on updating the documentation for the DefectDojo API v2. The key updates include providing information on how to generate API keys, interact with the API using the Swagger UI, and leverage alternative authentication methods. From a security perspective, these changes are positive as they highlight the importance of secure API key management, the ability to use alternative authentication methods, and the versioning of the API to allow for breaking changes without impacting existing integrations.

The changelog also covers several security-related changes and improvements to the DefectDojo Pro (Cloud Version) application, such as the addition of severity-based filtering for connectors, limiting API payloads, proper RBAC implementation, audit trails for risk acceptance, and secure configurations for multiple AWS Security Hub accounts. These changes demonstrate a security-conscious approach to the development and maintenance of the DefectDojo application.

Files Changed:

  1. docs/content/en/api/api-v2-docs.md: This file has been updated to provide comprehensive documentation for the DefectDojo API v2, including information on generating API keys, using the Swagger UI, and leveraging alternative authentication methods. The documentation emphasizes the importance of secure API key management and the ability to use SSO for authentication.

  2. docs/content/en/changelog/changelog.md: This file has been updated to include several security-related changes and improvements to the DefectDojo Pro (Cloud Version) application, such as severity-based filtering for connectors, limiting API payloads, proper RBAC implementation, audit trails for risk acceptance, and secure configurations for multiple AWS Security Hub accounts. These changes demonstrate a strong focus on application security.

Code Analysis

We ran 9 analyzers against 3 files and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

@paulOsinski paulOsinski changed the title Changelog updates 2.42.3 Changelog updates 2.42.3 + fix image refs Jan 27, 2025
@paulOsinski paulOsinski changed the title Changelog updates 2.42.3 + fix image refs Changelog updates 2.42.3 + fix docs image refs Jan 27, 2025
@paulOsinski paulOsinski changed the title Changelog updates 2.42.3 + fix docs image refs Changelog update 2.42.3 + fix docs image refs Jan 27, 2025
mtesauro
mtesauro approved these changes Jan 27, 2025
View reviewed changes
Copy link
Contributor

@mtesauro mtesauro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved

@Maffooch Maffooch merged commit d789823 into DefectDojo:master Jan 29, 2025
70 of 72 checks passed
runderwoodcr14 pushed a commit to runderwoodcr14/django-DefectDojo that referenced this pull request Feb 2, 2025
@paulOsinski
Changelog update 2.42.3 + fix docs image refs (DefectDojo#11679)
4f1f47f 
* fix broken image embeds

* update changelog 2.42.3

* change versioning format to clean up sidebar

---------

Co-authored-by: Paul Osinski <paul.m.osinski@gmail.com>
@paulOsinski paulOsinski deleted the changelog branch February 10, 2025 21:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@grendel513 grendel513 grendel513 approved these changes

@mtesauro mtesauro mtesauro approved these changes

@Maffooch Maffooch Maffooch approved these changes

@blakeaowens blakeaowens blakeaowens approved these changes

Assignees
No one assigned
Labels
docs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@paulOsinski @grendel513 @mtesauro @Maffooch @blakeaowens