remove mysql leftover #10694
base: bugfix
DryRun Security Summary
The pull request covers changes to various files in the DefectDojo application, focusing on improving code quality, maintainability, and performance, while also addressing potential security concerns related to SQL injection risks, sensitive data exposure, and secure configuration management.
Summary: The code changes in this pull request cover several files related to the DefectDojo application, including utility functions, SQL aggregation, and application settings. Overall, the changes appear to be focused on improving code quality, maintainability, and performance, without introducing any obvious security vulnerabilities. However, as an application security engineer, there are a few areas that warrant further review and consideration:
Overall, the changes in this pull request appear to be generally positive, but it's essential to continue monitoring the application's security posture and address any potential vulnerabilities or security concerns that may arise. Files Changed:
Code Analysis: We ran
Overall Riskiness: 🔴 Risk threshold exceeded. We've notified @mtesauro, @grendel513. |
Maybe the following might be removed as well:
This might be adjusted just not sure how:
|
I also don't know @kiblik |
I was nervous to remove those things tbh. I did not have the time when this removal work occurred to fully test and ensure there were no breakages. The safe option is to leave them there, but it would be nice to get rid of these leftovers |
This pull request has conflicts, please resolve those before we can evaluate the pull request. |
I agree with going slow on these parts of the code that we're not sure about. We have deprecated MySQL and RabbitMQ but I also don't want to make changes that might actually break MySQL (vs removing GHA tests & entries in compose) until the next minor release (2.38.0 / Sept) to give people a bit more time to migrate to PostgreSQL/Redis especially as it seems removing these has a good chance of busting MySQL users. We keep getting updates to the GH discussion on migrating to Postgres: #9480 |
613467b to db6cf36
Conflicts have been resolved. A maintainer will review the pull request shortly. |
I rebased this @mtesauro. I guess we can give this a go now. |
This pull request has conflicts, please resolve those before we can evaluate the pull request. |
db6cf36 to 710524d
Conflicts have been resolved. A maintainer will review the pull request shortly. |
@manuel-sommer FYI: As of Feb, we'll have deprecated MySQL for 6 months so we're targeting getting this PR merged in the Feb minor release. Thanks for keeping this alive 🚀 |
0fbee40 to a903722
Conflicts have been resolved. A maintainer will review the pull request shortly. |
No description provided.