Merge branch 'dev' into master-into-dev/2.47.1-2.48.0-dev

Author: rossops

docker-compose.yml

@@ -105,7 +105,7 @@ services:
           source: ./docker/extra_settings
           target: /app/docker/extra_settings
   postgres:
-    image: postgres:17.5-alpine@sha256:f325a29ec9deb7039c5f07761d77d79d537dac836ecd99f982f6ca5476724604
+    image: postgres:17.5-alpine@sha256:bcb90dc18910057ff49ce2ea157d8a0d534964090d39af959df41083f18c3318
     environment:
       POSTGRES_DB: ${DD_DATABASE_NAME:-defectdojo}
       POSTGRES_USER: ${DD_DATABASE_USER:-defectdojo}
@@ -114,7 +114,7 @@ services:
       - defectdojo_postgres:/var/lib/postgresql/data
   redis:
     # Pinning to this version due to licensing constraints
-    image: redis:7.2.8-alpine@sha256:c88ea2979a49ca497bbf7d39241b237f86c98e58cb2f6b1bc2dd167621f819bb
+    image: redis:7.2.9-alpine@sha256:fce236b99c58ef7196c4e243e43f533b404d5c17239cae4e6e262b729a1952b3
     volumes:
       - defectdojo_redis:/data
 volumes:

docs/content/en/open_source/upgrading/2.48.md

@@ -0,0 +1,7 @@
+---
+title: 'Upgrading to DefectDojo Version 2.48.x'
+toc_hide: true
+weight: -20250602
+description: No special instructions.
+---
+There are no special instructions for upgrading to 2.48.x. Check the [Release Notes](https://github.com/DefectDojo/django-DefectDojo/releases/tag/2.48.0) for the contents of the release.

docs/package-lock.json

@@ -16,7 +16,7 @@
     "@thulite/images": "3.3.0",
     "@thulite/inline-svg": "1.2.0",
     "@thulite/seo": "2.4.1",
-    "@tabler/icons": "3.33.0",
+    "@tabler/icons": "3.34.0",
     "thulite": "2.5.0"
   },
   "devDependencies": {

docs/package.json

@@ -119,6 +119,17 @@ def get_item(vuln, test, check_type):
     if "check_name" in vuln:
         description += f"{vuln['check_name']}\n"
 
+    if "description" in vuln:
+        description += f"\n{vuln['description']}\n"
+    mitigation = ""
+    if "benchmarks" in vuln:
+        bms = vuln["benchmarks"].keys()
+        if len(bms) > 0:
+            mitigation += "\nBenchmarks:\n"
+            for bm in bms:
+                for gl in vuln["benchmarks"][bm]:
+                    mitigation += f"- {bm} # {gl['name']} : {gl['description']}\n"
+
     file_path = vuln.get("file_path", None)
     source_line = None
     if "file_line_range" in vuln:
@@ -133,8 +144,6 @@ def get_item(vuln, test, check_type):
     if "severity" in vuln and vuln["severity"] is not None:
         severity = vuln["severity"].capitalize()
 
-    mitigation = ""
-
     references = vuln.get("guideline", "")
     return Finding(
         title=title,

dojo/tools/checkov/parser.py

@@ -1 +1 @@
-ruff==0.11.12
+ruff==0.11.13

requirements-lint.txt

@@ -2,7 +2,7 @@
 asteval==1.0.6
 bleach==6.2.0
 bleach[css]
-celery==5.5.2
+celery==5.5.3
 defusedxml==0.7.1
 django_celery_results==2.6.0
 django-auditlog==3.1.2
@@ -35,20 +35,20 @@ psycopg[c]==3.2.9
 cryptography==45.0.3
 python-dateutil==2.9.0.post0
 pytz==2025.1
-redis==5.2.1
+redis==6.2.0
 requests==2.32.3
 sqlalchemy==2.0.41  # Required by Celery broker transport
 urllib3==2.4.0
-uWSGI==2.0.29
+uWSGI==2.0.30
 vobject==0.9.9
 whitenoise==5.2.0
 titlecase==2.4.1
 social-auth-app-django==5.4.3
 social-auth-core==4.6.1
 gitpython==3.1.44
-python-gitlab==5.6.0
+python-gitlab==6.0.0
 cpe==1.3.1
-packageurl-python==0.16.0
+packageurl-python==0.17.0
 django-crum==0.7.9
 JSON-log-formatter==1.1.1
 django-split-settings==1.3.2
@@ -64,12 +64,12 @@ hyperlink==21.0.0
 django-test-migrations==1.4.0
 djangosaml2==1.10.1
 drf-spectacular==0.28.0
-drf-spectacular-sidecar==2025.5.1
+drf-spectacular-sidecar==2025.6.1
 django-ratelimit==4.1.0
-argon2-cffi==23.1.0
+argon2-cffi==25.1.0
 blackduck==1.1.3
 pycurl==7.45.6  # Required for Celery Broker AWS (SQS) support
-boto3==1.38.26  # Required for Celery Broker AWS (SQS) support
+boto3==1.38.31  # Required for Celery Broker AWS (SQS) support
 netaddr==1.3.0
 vulners==2.3.7
 fontawesomefree==6.6.0

requirements.txt

@@ -32,64 +32,64 @@ exclude = [
 
 [lint]
 select = [
-   "F",
-   "E",
-   "W",
-   "C90",
-   "I",
-   "N803", "N804", "N811", "N812", "N813", "N814", "N817", "N818", "N999",
-   "D2", "D3", "D402", "D403", "D405", "D406", "D407", "D408", "D409", "D410", "D411", "D412", "D413", "D414", "D416",
-   "UP",
+   "AIR",
+   "FAST",
    "YTT",
    "ASYNC",
    "S1", "S2", "S302", "S303", "S304", "S305", "S306", "S307", "S31", "S321", "S323", "S324", "S401", "S402", "S406", "S407", "S408", "S409", "S41", "S5", "S601", "S602", "S604", "S605", "S606", "S607", "S609", "S61", "S7",
    "FBT",
+   "B00", "B010", "B011", "B012", "B013", "B014", "B015", "B016", "B017", "B018", "B019", "B020", "B021", "B022", "B023", "B025", "B028", "B029", "B03", "B901", "B903", "B905", "B911",
    "A",
    "COM",
    "C4",
+   "DTZ003", "DTZ004", "DTZ012", "DTZ901",
    "T10",
    "DJ003", "DJ01",
    "EM",
    "EXE",
+   "FIX",
    "FA",
-   "DTZ003", "DTZ004", "DTZ012", "DTZ901",
+   "INT",
    "ISC",
    "ICN",
    "LOG",
    "G001", "G002", "G01", "G1", "G2",
    "INP",
    "PIE",
    "T20",
+   "PYI00", "PYI01", "PYI020", "PYI021", "PYI025", "PYI026", "PYI029",  "PYI03",  "PYI04",  "PYI05",  "PYI06",
+   "PT001", "PT002", "PT003", "PT006", "PT007", "PT008", "PT01", "PT020", "PT021", "PT022", "PT023", "PT024", "PT025", "PT026", "PT028", "PT029", "PT03",
    "Q",
    "RSE",
    "RET",
-   "SLOT",
    "SIM",
+   "SLOT",
    "TID",
+   "TD001", "TD004", "TD005", "TD007",
    "TC",
-   "INT",
    "ARG003", "ARG004", "ARG005",
    "PTH",
-   "TD001", "TD004", "TD005", "TD007",
-   "FIX",
+   "FLY",
+   "I",
+   "C90",
+   "NPY",
    "PD",
+   "N803", "N804", "N811", "N812", "N813", "N814", "N817", "N818", "N999",
+   "PERF1", "PERF2", "PERF401", "PERF403",
+   "E",
+   "W",
+   "DOC202", "DOC403", "DOC502",
+   "D2", "D3", "D402", "D403", "D405", "D406", "D407", "D408", "D409", "D410", "D411", "D412", "D413", "D414", "D416",
+   "F",
    "PGH",
    "PLC01", "PLC02", "PLC0414", "PLC18", "PLC24", "PLC28", "PLC3",
    "PLE",
    "PLR01", "PLR02", "PLR04", "PLR0915", "PLR1716", "PLR172", "PLR173", "PLR2044", "PLR5", "PLR6104", "PLR6201",
    "PLW01", "PLW02", "PLW04", "PLW0602", "PLW0604", "PLW07", "PLW1", "PLW2", "PLW3",
-   "TRY003", "TRY004", "TRY2", "TRY300", "TRY401",
-   "PT001", "PT002", "PT003", "PT006", "PT007", "PT008", "PT01", "PT020", "PT021", "PT022", "PT023", "PT024", "PT025", "PT026", "PT028", "PT029", "PT03",
-   "FLY",
-   "NPY",
-   "PYI00", "PYI01", "PYI020", "PYI021", "PYI025", "PYI026", "PYI029",  "PYI03",  "PYI04",  "PYI05",  "PYI06",
-   "FAST",
-   "AIR",
+   "UP",
    "FURB",
-   "DOC202", "DOC403", "DOC502",
    "RUF",
-   "B00", "B010", "B011", "B012", "B013", "B014", "B015", "B016", "B017", "B018", "B019", "B020", "B021", "B022", "B023", "B025", "B028", "B029", "B03", "B901", "B903", "B905", "B911",
-   "PERF1", "PERF2", "PERF401", "PERF403",
+   "TRY003", "TRY004", "TRY2", "TRY300", "TRY401",
 ]
 ignore = [
     "E501",