Merge branch 'dev' into master-into-dev/2.37.2-2.38.0-dev

Author: Maffooch

NOTICE

@@ -1,7 +1,7 @@
 DefectDojo is licensed under the 3-Clause BSD License: https://github.com/DefectDojo/django-DefectDojo/blob/master/LICENSE.md
 
 
-However, DefectDojo’s dependencies may have different licensing requirements and terms.
+However, DefectDojo's dependencies may have different licensing requirements and terms.
 Complete source code for DefectDojo dependencies are made available on PyPi: https://pypi.org/ 
 
 THIRD-PARTY SOFTWARE NOTICES FOR DEFECTDOJO

README.md

@@ -144,7 +144,7 @@ Moderators can help you with pull requests or feedback on dev ideas:
 * Valentijn Scholten ([@valentijnscholten](https://github.com/valentijnscholten) |
   [Sponsor](https://github.com/sponsors/valentijnscholten) |
   [LinkedIn](https://www.linkedin.com/in/valentijn-scholten/)) - Valentijn served as a core moderator for 3 years.
-  Valentijn’s contributions were numerous and extensive. He overhauled, improved, and optimized many parts of the
+  Valentijn's contributions were numerous and extensive. He overhauled, improved, and optimized many parts of the
   codebase. He consistently fielded questions, provided feedback on pull requests, and provided a helping hand wherever
   it was needed.
 * Fred Blaise ([@madchap](https://github.com/madchap) | [LinkedIn](https://www.linkedin.com/in/fredblaise/)) - Fred

components/package.json

@@ -35,7 +35,7 @@
     "metismenu": "~3.0.7",
     "moment": "^2.30.1",
     "morris.js": "morrisjs/morris.js",
-    "pdfmake": "^0.2.10",
+    "pdfmake": "^0.2.12",
     "startbootstrap-sb-admin-2": "1.0.7"
   },
   "engines": {

components/yarn.lock

@@ -824,10 +824,10 @@ path-parse@^1.0.7:
   resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735"
   integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==
 
-pdfmake@^0.2.10:
-  version "0.2.10"
-  resolved "https://registry.yarnpkg.com/pdfmake/-/pdfmake-0.2.10.tgz#a8a0ee8a5acca8f5d728e0dfe4db8be5f1b9ec6b"
-  integrity sha512-doipFnmE1UHSk+Z3wfQuVweVQqx2pE/Ns2G5gCqZmWwqjDj+mZHnZYH/ryXWoIfD+iVdZUAutgI/VHkTCN+Xrw==
+pdfmake@^0.2.12:
+  version "0.2.12"
+  resolved "https://registry.yarnpkg.com/pdfmake/-/pdfmake-0.2.12.tgz#5156f91ff73797947942aa342423bedaa0c0bc93"
+  integrity sha512-TFsqaG6KVtk+TWermmJNNwom3wmB/xiz07prM74KBhdM+7pz3Uwq2b0uoqhhQRn6cYUTpL8lXZY6xF011o1YcQ==
   dependencies:
     "@foliojs-fork/linebreak" "^1.1.1"
     "@foliojs-fork/pdfkit" "^0.14.0"

docker-compose.yml

@@ -103,7 +103,7 @@ services:
           source: ./docker/extra_settings
           target: /app/docker/extra_settings
   postgres:
-    image: postgres:16.3-alpine@sha256:36ed71227ae36305d26382657c0b96cbaf298427b3f1eaeb10d77a6dea3eec41
+    image: postgres:16.4-alpine@sha256:492898505cb45f9835acc327e98711eaa9298ed804e0bb36f29e08394229550d
     environment:
       POSTGRES_DB: ${DD_DATABASE_NAME:-defectdojo}
       POSTGRES_USER: ${DD_DATABASE_USER:-defectdojo}

docker/install_chrome_dependencies.py

@@ -18,7 +18,7 @@ def find_packages(library_name):
 
 
 def run_command(cmd, cwd=None, env=None):
-    result = subprocess.run(cmd, cwd=cwd, env=env, capture_output=True, text=True)
+    result = subprocess.run(cmd, cwd=cwd, env=env, capture_output=True, text=True, check=False)
     return result.stdout
 
 
@@ -27,7 +27,7 @@ def ldd(file_path):
     # For simplicity, I'm assuming if we get an error, the code is non-zero.
     try:
         result = subprocess.run(
-            ["ldd", file_path], capture_output=True, text=True,
+            ["ldd", file_path], capture_output=True, text=True, check=False,
         )
         stdout = result.stdout
         code = result.returncode

docs/content/en/contributing/documentation.md

@@ -14,7 +14,7 @@ Static files for the webside are build with github actions and are publish in th
 
 2. Install JavaScript packages
 
-    To build or update your site’s CSS resources, you also need PostCSS to create the final assets. If you need to install it, you must have a recent version of NodeJS installed on your machine so you can use npm, the Node package manager. By default, npm installs tools under the directory where you run npm install:
+    To build or update your site's CSS resources, you also need PostCSS to create the final assets. If you need to install it, you must have a recent version of NodeJS installed on your machine so you can use npm, the Node package manager. By default, npm installs tools under the directory where you run npm install:
 
     {{< highlight bash >}}
     cd docs

docs/content/en/contributing/how-to-write-a-parser.md

@@ -94,7 +94,7 @@ class MyToolParser(object):
 
 ## API Parsers
 
-DefectDojo has a limited number of API parsers. While we won’t remove these connectors, adding API connectors has been problematic and thus we cannot accept new API parsers / connectors from the community at this time for supportability reasonsing. To maintain a high quality API connector, it is necessary to have a license to the tool. To get that license requires partnership with the author or vendor. We're close to announcing a new program to help address this and bring API connectors to DefectDojo.
+DefectDojo has a limited number of API parsers. While we won't remove these connectors, adding API connectors has been problematic and thus we cannot accept new API parsers / connectors from the community at this time for supportability reasonsing. To maintain a high quality API connector, it is necessary to have a license to the tool. To get that license requires partnership with the author or vendor. We're close to announcing a new program to help address this and bring API connectors to DefectDojo.
 
 ## Template Generator
 

docs/content/en/getting_started/upgrading/2.38.md

@@ -0,0 +1,28 @@
+---
+title: 'Upgrading to DefectDojo Version 2.38.x'
+toc_hide: true
+weight: -20240805
+description: Breaking Change for HELM deployments
+---
+
+**Breaking Change**
+
+Previous HELM `values.yaml` file was not following the official HELM best practicies on key naming - [https://helm.sh/docs/chart_best_practices/values/#naming-conventions](https://helm.sh/docs/chart_best_practices/values/#naming-conventions)
+
+The following `snake_case` keys are replaced with `camelCase` keys in the `values.yaml`:
+
+- `site_url` is replaced with `siteUrl`
+- `celery.worker.app_settings` block is replaced with `celery.worker.appSettings`. In this block:
+
+  - `pool_type` is replaced with `poolType`
+  - `autoscale_min` is replaced with `autoscaleMin`
+  - `autoscale_max` is replaced with `autoscaleMax`
+  - `prefetch_multiplier` is replaced with `prefetchMultiplier`
+
+- `django.uwsgi.app_settings` block is changed to `django.uwsgi.appSettings`. In this block:
+
+  - `max_fd` is changed to `maxFd`
+
+- `django.uwsgi.enable_debug` is changed to `django.uwsgi.enableDebug`
+
+There are no other special instructions for upgrading to 2.38.x. Check the [Release Notes](https://github.com/DefectDojo/django-DefectDojo/releases/tag/2.38.0) for the contents of the release.

docs/content/en/integrations/parsers/file/blackduck_binary_analysis.md

@@ -6,12 +6,12 @@ toc_hide: true
 #### **What** ####
 Black Duck Binary Analysis gives you visibility into open source and third-party dependencies that have been compiled into executables, libraries, containers, and firmware. You can analyze individual files using an intuitive user interface or Black Duck multifactor open source detection, which automates the scanning of binary artifacts.
 
-Using a combination of static and string analysis techniques coupled with fuzzy matching against the Black Duck KnowledgeBase, Black Duck Binary Analysis quickly and reliably identifies components, even if they’ve been modified.
+Using a combination of static and string analysis techniques coupled with fuzzy matching against the Black Duck KnowledgeBase, Black Duck Binary Analysis quickly and reliably identifies components, even if they've been modified.
 
 For more info, check out Black Duck Binary Analysis [here](https://www.synopsys.com/software-integrity/software-composition-analysis-tools/binary-analysis.html).
 
 #### **Why** ####
-Open source vulnerabilities aren’t the only security issues that might be lurking in application binaries.
+Open source vulnerabilities aren't the only security issues that might be lurking in application binaries.
 
 Black Duck Binary Analysis can also detect if sensitive information like email addresses, authorization tokens, compiler switches, and passwords are exposed, and it identifies when mobile applications request excessive permissions—all of which puts your organization and users' personal data at risk.