
Release: Merge back 2.34.4 into dev from: master-into-dev/2.34.4-2.35.0-dev #10232

Merged
merged 11 commits into from
May 20, 2024

Conversation

github-actions[bot]
Contributor

Release triggered by Maffooch

DefectDojo release bot and others added 9 commits May 13, 2024 17:43
….35.0-dev

Release: Merge back 2.34.3 into bugfix from: master-into-bugfix/2.34.3-2.35.0-dev
* 🐛 reset description in progpilot after each finding

* Update dojo/tools/progpilot/parser.py

---------

Co-authored-by: Charles Neill <[email protected]>
* report-endpoint-name-style-fix Add panel-default class to endpoint name panel on reports so it can be seen (previously white text on white background)

* Update helm lock file

Signed-off-by: DefectDojo <[email protected]>

* Revert "Update helm lock file"

This reverts commit f89fb27.

---------

Signed-off-by: DefectDojo <[email protected]>
Co-authored-by: DefectDojo <[email protected]>
Release: Merge release into master from: release/2.34.4

dryrunsecurity bot commented May 20, 2024

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

DryRun Security Status           Findings
Configured Codepaths Analyzer    0 findings
AppSec Analyzer                  0 findings
Secrets Analyzer                 0 findings
Sensitive Files Analyzer         0 findings
Authn/Authz Analyzer             0 findings

Note

🟢 Risk threshold not exceeded.

Change Summary

The following is a summary of changes in this pull request made by me, your security buddy 🤖. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective.

Summary:

The code changes in this pull request span several files and components of the DefectDojo application, with a focus on improving the robustness and flexibility of various security-related features.

The key changes include:

  1. Enhancements to the SARIF parser to handle a wider range of severity reporting formats and improve CWE extraction.
  2. Improvements to the default reimporter process, including better deduplication logic and handling of findings with special statuses.
  3. Version updates to the Helm chart dependencies, such as PostgreSQL, RabbitMQ, and Redis.
  4. Addition of a new test case to validate the SARIF parser's handling of severity information in the properties section.

Overall, these changes demonstrate a commitment to improving the security and reliability of the DefectDojo application. The updates to the SARIF parser and reimporter process are particularly noteworthy, as they directly impact the application's ability to accurately identify and manage security vulnerabilities.

The version updates to the Helm chart dependencies are also important, as they ensure that the application is using the latest stable versions of the underlying components, which can help mitigate potential security risks.

Files Changed:

  1. dojo/templates/dojo/custom_html_report_endpoint_list.html: The changes modify the visual styling of the HTML report template, but do not introduce any obvious security concerns.
  2. dojo/tools/sarif/parser.py: The changes improve the SARIF parser's handling of security severity and CWE information, enhancing the overall security vulnerability reporting capabilities.
  3. dojo/tools/progpilot/parser.py: The changes focus on improving the consistency and robustness of the Progpilot parser, ensuring more comprehensive vulnerability reporting.
  4. dojo/importers/default_reimporter.py: The changes enhance the default reimporter process, addressing issues with deduplication and handling of findings with special statuses.
  5. helm/defectdojo/Chart.yaml: The change updates the Helm chart version, indicating potential underlying changes to the DefectDojo application or its deployment configuration.
  6. helm/defectdojo/Chart.lock: The changes update the versions of the Helm chart dependencies, such as PostgreSQL, RabbitMQ, and Redis.
  7. unittests/tools/test_sarif_parser.py: The addition of a new test case validates the SARIF parser's handling of severity information, improving the overall test coverage.

Powered by DryRun Security

Signed-off-by: DefectDojo <[email protected]>
@Maffooch Maffooch closed this May 20, 2024
@Maffooch Maffooch reopened this May 20, 2024
@Maffooch
Contributor

Skipping tests as the failures are related to #10212

These failures will get sorted out once the dev branch is synced with master

@Maffooch Maffooch merged commit c15a3a2 into dev May 20, 2024
16 of 21 checks passed
@Maffooch Maffooch deleted the master-into-dev/2.34.4-2.35.0-dev branch May 20, 2024 19:10

3 participants