Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release: Merge back 2.36.6 into bugfix from: master-into-bugfix/2.36.6-2.37.0-dev #10649

Merged
merged 6 commits into from
Jul 29, 2024
Merged

Release: Merge back 2.36.6 into bugfix from: master-into-bugfix/2.36.6-2.37.0-dev #10649

merged 6 commits into from
Jul 29, 2024

Conversation

github-actions[bot]
Copy link
Contributor

Release triggered by Maffooch

@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Jul 29, 2024
edited
Loading

DryRun Security Summary

The provided code change is an update to the Helm chart for the DefectDojo application, which updates the version of the chart from 1.6.143-dev to 1.6.144-dev, and it is important to review the changes in the Helm chart carefully to ensure that there are no security-related updates or changes that could impact the security of the deployed application.

Expand for full summary

Summary:

The provided code change is an update to the Helm chart for the DefectDojo application, which is a popular open-source application for managing software vulnerabilities. The change updates the version of the chart from 1.6.143-dev to 1.6.144-dev. From an application security perspective, this change is not particularly concerning, as the Helm chart is responsible for deploying the DefectDojo application to a Kubernetes cluster, and the version update is likely to include bug fixes, improvements, or new features.

However, it's important to review the changes in the Helm chart carefully to ensure that there are no security-related updates or changes that could impact the security of the deployed application. This includes reviewing any changes to the chart's dependencies, such as the versions of the MySQL, PostgreSQL, RabbitMQ, and Redis charts. Additionally, it's a good practice to review the release notes or commit history for the DefectDojo project to understand the context of this version update and any security-related changes that may have been made. Overall, this code change appears to be a routine version update, but it's always important to review changes to critical applications like DefectDojo from an application security perspective.

Files Changed:

  • helm/defectdojo/Chart.yaml: This file contains the metadata for the Helm chart, including the version of the chart. The change updates the version from 1.6.143-dev to 1.6.144-dev.

Code Analysis

We ran 9 analyzers against 1 file and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@Maffooch Maffooch merged commit 8404763 into bugfix Jul 29, 2024
10 checks passed
@Maffooch Maffooch deleted the master-into-bugfix/2.36.6-2.37.0-dev branch July 29, 2024 18:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Maffooch