fix(doc): Disable markup.highlight.guessSyntax + enable mermaid

[kiblik]

I found mermaid quite handy during the preparation of documentation for #7311.

Unfortunately, when mermaid is enabled guessSyntax has to be disabled otherwise graphs are not rendered (because guessSyntax marks mermaid snippets as language-fallback and they are not rendered at all).

I added languages to places where they have been probably guessed in the past. Now they do not need to be guessed.

[dryrunsecurity]

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

DryRun Security	Status	Findings
Configured Codepaths Analyzer	✅	0 findings
IDOR Analyzer	✅	0 findings
Sensitive Files Analyzer	✅	0 findings
Server-Side Request Forgery Analyzer	✅	0 findings
SQL Injection Analyzer	✅	0 findings
Authn/Authz Analyzer	✅	0 findings
Secrets Analyzer	✅	0 findings

Note

🟢 Risk threshold not exceeded.

Change Summary (click to expand)

The following is a summary of changes in this pull request made by me, your security buddy 🤖. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective.

Summary:

This GitHub pull request introduces several changes to the documentation and configuration of the DefectDojo application, with a focus on improving the integration of various authentication methods, including LDAP, social authentication (Auth0, Google, OKTA, Azure AD, Gitlab, Keycloak, GitHub Enterprise), SAML 2.0, and RemoteUser authentication.

The key security-related aspects of these changes are:

1. Secure Cookie Configuration: The changes ensure that session cookies and CSRF tokens are transmitted over HTTPS, and that the application enforces HTTPS redirects, which is a good security practice to prevent session hijacking and man-in-the-middle attacks.

2. Group Synchronization: For Azure AD and RemoteUser authentication, the changes include options to automatically import user groups and synchronize group membership. This feature should be carefully configured to ensure that the group mapping is correct and that unnecessary groups are not being imported.

3. Proxy Authentication: The RemoteUser authentication method is designed to work behind an HTTP authentication proxy, which requires ensuring that the proxy is properly configured to prevent header spoofing attacks.

4. Keycloak Configuration: The Keycloak integration requires setting up the appropriate client in Keycloak, including configuring the redirect URI, audience, and signing algorithm, which must be done correctly to prevent authentication issues.

5. Gitlab Integration: The Gitlab integration includes an option to automatically import Gitlab projects as DefectDojo products, which requires ensuring that the user has the necessary permissions to access the Gitlab projects.

Overall, the changes in this pull request focus on improving the authentication and authorization capabilities of the DefectDojo application, which is a positive step for the project's security and usability. However, it is crucial to ensure that the various authentication configurations are properly set up and maintained to prevent potential security vulnerabilities.

Files Changed:

1. docs/content/en/integrations/parsers/file/fortify.md: This file contains documentation updates for the Fortify parser integration in DefectDojo, which do not introduce any security concerns.

2. docs/config.master.toml and docs/config.dev.toml: These configuration files for the DefectDojo documentation website are updated to enable syntax highlighting, Mermaid diagram support, and Slack integration, which do not raise any immediate security concerns.

3. docs/content/en/usage/productgrading.md: The changes in this file update the documentation for the product health grading system, which does not introduce any security vulnerabilities.

4. docs/content/en/integrations/parsers/file/veracode.md: This file contains documentation updates for the Veracode integration, which do not raise any security concerns.

5. docs/content/en/integrations/ldap-authentication.md: The changes in this file add support for LDAP authentication, which requires careful configuration and management of sensitive credentials to prevent potential security risks.

6. docs/content/en/integrations/social-authentication.md: This file introduces support for various social authentication methods, as well as SAML 2.0 and RemoteUser authentication, which also require proper configuration and security measures to be implemented.

Powered by DryRun Security

[mtesauro]

Approved