Merge pull request #14077 from DefectDojo/master-into-dev/2.54.1-2.55.0-dev

Release: Merge back 2.54.1 into dev from: master-into-dev/2.54.1-2.55.0-dev

Author: rossops

.gitignore

@@ -127,6 +127,7 @@ docker/extra_fixtures/*
 !docker/extra_fixtures/readme.txt
 docker/extra_settings/*
 !docker/extra_settings/README.md
+dojo/settings/pro_settings.py
 
 
 # Helm dependencies

docs/content/en/changelog/changelog.md

@@ -8,6 +8,12 @@ Here are the release notes for **DefectDojo Pro (Cloud Version)**. These release
 
 For Open Source release notes, please see the [Releases page on GitHub](https://github.com/DefectDojo/django-DefectDojo/releases), or alternatively consult the Open Source [upgrade notes](/en/open_source/upgrading/upgrading_guide/).
 
+## Jan 2025: v2.54
+
+### Jan 5, 2025: v2.54.0
+
+No significant UX changes.
+
 ## Dec 2025: v2.53
 
 ### Dec 29, 2025: v2.53.5
@@ -64,7 +70,7 @@ For Open Source release notes, please see the [Releases page on GitHub](https://
 
 ## Oct 2025: v2.51
 
-### Oct 27, 2025: v2.51.3
+#### Oct 27, 2025: v2.51.3
 
 * **(Tools)** Added Nuclei scan support for Smart Upload.
 * **(Priority)** Added Prioritization Engine to allow for configurable Priority and Risk calculations for individual Findings under a given Product.
@@ -73,12 +79,12 @@ For Open Source release notes, please see the [Releases page on GitHub](https://
 
 
 
-### Oct 20, 2025: v2.51.2
+#### Oct 20, 2025: v2.51.2
 
 * **(Connectors)** Added Anchore Enterprise Connector.
 
 
-### Oct 14, 2025: v2.51.1
+#### Oct 14, 2025: v2.51.1
 
 * **(Pro UI)** Added Finding Quick Report feature.  Quick report allows users to quickly render an HTML report with the currently displayed Findings on a Finding table.
 
@@ -95,7 +101,7 @@ Click the calculator button to render a score based on the vector string.
 * **(Pro UI)** File names (for attached artifacts) can now be edited directly in the UI.
 * **(Pro UI)** Redirect user to Home after a successful Support Inquiry submission.  
 
-### Oct 6, 2025: v2.51.0
+#### Oct 6, 2025: v2.51.0
 
 No significant Pro changes are present in this release.
 

docs/content/en/open_source/upgrading/2.54.md

@@ -30,9 +30,9 @@ The switch to `django-pghistory` provides several advantages:
 
 ### Migration Notes
 
-- A one-time data migration will take place to populate the `django-pghistory` tables with the initial snapshot of the tracked models.
+- A one-time data migration will take place to "backfill" the `django-pghistory` tables with the initial snapshot of the tracked models.
 - The migration is designed to be fail-safe: if it fails for some reason, it will continue where it left off.
-- The migration can also be performed up front via
+- If it fails completely or for any other reason you want to trigger it manually, you can do so via:
   - `docker compose exec uwsgi bash -c "python manage.py pghistory_backfill_fast"`, or
   - `docker compose exec uwsgi bash -c "python manage.py pghistory_backfill_simple"`, or
   - `docker compose exec uwsgi bash -c "python manage.py pghistory_backfill"`

docs/content/supported_tools/parsers/file/cloudflare_insights.md

@@ -0,0 +1,22 @@
+---
+title: "Cloudflare Insights"
+toc_hide: true
+---
+
+Import Cloudflare Insights findings using the **CSV export** provided by Cloudflare.
+
+### Sample Scan Data
+Sample Cloudflare Insights files can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/cloudflare_insights).
+
+### Supported Fields
+The parser supports the following CSV columns:
+
+- `severity`
+- `issue_class`
+- `subject`
+- `issue_type`
+- `status`
+- `insight` *(optional)*
+- `detection_method` *(optional)*
+- `risk` *(optional)*
+- `recommended_action`

docs/content/supported_tools/parsers/file/gcloud_artifact_scan.md

@@ -8,6 +8,8 @@ Once a scan is completed, results can be pulled via API/gcloud https://cloud.goo
 ### File Types
 DefectDojo parser accepts Google Cloud Artifact Vulnerability Scan data as a .json file.
 
+[This issue](https://github.com/DefectDojo/django-DefectDojo/issues/8552) describes the way to retrieve the json output. 
+
 ### Sample Scan Data
 Sample reports can be found at https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/gcloud_artifact_scan
 

docs/content/supported_tools/parsers/file/pingcastle.md

@@ -1,7 +1,8 @@
+---
 title: "PingCastle"
 toc_hide: true
 ---
 Import results from the [PingCastle](https://www.pingcastle.com/documentation/).
 
 ### Sample Scan Data
-Sample PingCastle scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/pingcastle).
+Sample PingCastle scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/pingcastle).

dojo/db_migrations/0255_remove_system_settings_product_grade.py

@@ -0,0 +1,17 @@
+# Generated by Django 5.2.9 on 2026-01-09 23:56
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('dojo', '0254_remove_vulnerability_id_template_model'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='system_settings',
+            name='product_grade',
+        ),
+    ]

dojo/fixtures/defect_dojo_sample_data.json

@@ -814,7 +814,6 @@
     "url_prefix": "",
     "team_name": "",
     "enable_product_grade": true,
-    "product_grade": "def grade_product(crit, high, med, low):\r\n    health=100\r\n    if crit > 0:\r\n        health = 40\r\n        health = health - ((crit - 1) * 5)\r\n    if high > 0:\r\n        if health == 100:\r\n            health = 60\r\n        health = health - ((high - 1) * 3)\r\n    if med > 0:\r\n        if health == 100:\r\n            health = 80\r\n        health = health - ((med - 1) * 2)\r\n    if low > 0:\r\n        if health == 100:\r\n            health = 95\r\n        health = health - low\r\n\r\n    if health < 5:\r\n        health = 5\r\n\r\n    return health",
     "product_grade_a": 90,
     "product_grade_b": 80,
     "product_grade_c": 70,

dojo/fixtures/dojo_testdata.json

@@ -242,7 +242,6 @@
       "mail_notifications_to": "",
       "enable_jira": false,
       "enable_product_grade": true,
-      "product_grade": "def grade_product(crit, high, med, low):\r\n    health=100\r\n    if crit > 0:\r\n        health = 40\r\n        health = health - ((crit - 1) * 5)\r\n    if high > 0:\r\n        if health == 100:\r\n            health = 60\r\n        health = health - ((high - 1) * 3)\r\n    if med > 0:\r\n        if health == 100:\r\n            health = 80\r\n        health = health - ((med - 1) * 2)\r\n    if low > 0:\r\n        if health == 100:\r\n            health = 95\r\n        health = health - low\r\n\r\n    if health < 5:\r\n        health = 5\r\n\r\n    return health",
       "product_grade_a": 90,
       "product_grade_b": 80,
       "product_grade_c": 70,

dojo/fixtures/system_settings.json

@@ -6,7 +6,6 @@
     "enable_deduplication": false,
     "enable_jira": false,
     "url_prefix": "",
-    "product_grade": "def grade_product(crit, high, med, low):\r\n    health=100\r\n    if crit > 0:\r\n        health = 40\r\n        health = health - ((crit - 1) * 5)\r\n    if high > 0:\r\n        if health == 100:\r\n            health = 60\r\n        health = health - ((high - 1) * 3)\r\n    if med > 0:\r\n        if health == 100:\r\n            health = 80\r\n        health = health - ((med - 1) * 2)\r\n    if low > 0:\r\n        if health == 100:\r\n            health = 95\r\n        health = health - low\r\n\r\n    if health < 5:\r\n        health = 5\r\n\r\n    return health",
     "product_grade_a": 90,
     "product_grade_b": 80,
     "product_grade_c": 70,