Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release: Merge back 2.39.1 into bugfix from: master-into-bugfix/2.39.1-2.40.0-dev #11075

Merged
merged 3 commits into from
Oct 15, 2024
Merged

Release: Merge back 2.39.1 into bugfix from: master-into-bugfix/2.39.1-2.40.0-dev #11075

merged 3 commits into from
Oct 15, 2024

Conversation

github-actions[bot]
Copy link
Contributor

Release triggered by rossops

DefectDojo release bot and others added 3 commits October 15, 2024 15:29
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Oct 15, 2024
edited
Loading

DryRun Security Summary

The changes in this GitHub Pull Request are minor updates to the version number in the dojo/__init__.py file and the Helm chart version for the DefectDojo application, which is an open-source application security platform, and do not introduce any obvious security concerns.

Expand for full summary

Summary:

The changes in this GitHub Pull Request are relatively minor and do not introduce any obvious security concerns. The first change updates the version number in the dojo/__init__.py file, which is a typical maintenance update to fix bugs, improve performance, or introduce new features. The second change updates the version of the Helm chart for the DefectDojo application, which is an open-source application security platform. The Helm chart version has been updated, but the version of the DefectDojo application itself remains unchanged.

As an application security engineer, I would recommend approving these changes, as they do not appear to have any direct impact on the security of the application. However, it's always important to review any code changes, even minor ones, to ensure that there are no unintended consequences or hidden security vulnerabilities. In the case of the DefectDojo Helm chart update, the project is actively maintained and focused on application security, which provides additional confidence in the security of the changes.

Files Changed:

  1. dojo/__init__.py: The changes in this file update the __version__ variable from "2.39.0" to "2.39.1". This is a routine maintenance update and does not introduce any security concerns.

  2. helm/defectdojo/Chart.yaml: The changes in this file update the version of the Helm chart from 1.6.154-dev to 1.6.155-dev, while the appVersion field, which represents the version of the DefectDojo application itself, remains at "2.40.0-dev". This is a routine update to the Helm chart and does not raise any immediate security concerns, as the DefectDojo project is actively maintained and focused on application security.

Code Analysis

We ran 9 analyzers against 2 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

@rossops rossops closed this Oct 15, 2024
@rossops rossops reopened this Oct 15, 2024
@github-actions github-actions bot added the helm label Oct 15, 2024
@rossops rossops merged commit 6b79840 into bugfix Oct 15, 2024
71 checks passed
@rossops rossops deleted the master-into-bugfix/2.39.1-2.40.0-dev branch October 15, 2024 16:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
helm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@rossops