DefectDojo
diff --git a/‎.github/workflows/build-docker-images-for-testing.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/build-docker-images-for-testing.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/close-stale.yml‎
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/close-stale.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/gh-pages.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/gh-pages.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/integration-tests.yml‎
Lines changed: 54 additions & 20 deletions b/‎.github/workflows/integration-tests.yml‎
Lines changed: 54 additions & 20 deletions
diff --git a/‎.github/workflows/k8s-tests.yml‎
Lines changed: 4 additions & 4 deletions b/‎.github/workflows/k8s-tests.yml‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎.github/workflows/release-x-manual-docker-containers.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/release-x-manual-docker-containers.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/renovate.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/renovate.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/update-sample-data.yml‎
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/update-sample-data.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/validate_docs_build.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/validate_docs_build.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎Dockerfile.django-alpine‎
Lines changed: 1 addition & 1 deletion b/‎Dockerfile.django-alpine‎
Lines changed: 1 addition & 1 deletion
@@ -53,7 +53,7 @@ jobs:
 
       - name: Build
         id: docker_build
-        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
+        uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
         timeout-minutes: 15
         env:
           DOCKER_BUILD_CHECKS_ANNOTATIONS: false
 
@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Close issues and PRs that are pending closure
-        uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1
+        uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0
         with:
           # Disable automatic stale marking - only close manually labeled items
           days-before-stale: -1
@@ -27,7 +27,7 @@ jobs:
           close-pr-message: 'This PR has been automatically closed because it was manually labeled as stale. If you believe this was closed in error, please reopen it and remove the stale label.'
 
       - name: Close stale issues and PRs
-        uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1
+        uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0
         with:
           # Disable automatic stale marking - only close manually labeled items
           days-before-stale: -1
 
@@ -24,7 +24,7 @@ jobs:
       - name: Setup Node
         uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
         with:
-          node-version: '24.13.0' # TODO: Renovate helper might not be needed here - needs to be fully tested
+          node-version: '24.13.1' # TODO: Renovate helper might not be needed here - needs to be fully tested
 
       - name: Cache dependencies
         uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
 
@@ -11,36 +11,70 @@ jobs:
     strategy:
       matrix:
         test-case: [
-          "tests/finding_test.py",
-          "tests/report_builder_test.py",
-          "tests/notes_test.py",
-          "tests/regulations_test.py",
-          "tests/product_type_test.py",
-          "tests/product_test.py",
+          "openapi-validatator",
+          "tests/action_history_test.py",
+          "tests/alerts_test.py",
+          "tests/announcement_banner_test.py",
+          "tests/banner_test.py",
+          "tests/base_test_class.py",
+          "tests/benchmark_test.py",
+          "tests/calendar_test.py",
+          "tests/check_various_pages.py",
+          "tests/close_old_findings_dedupe_test.py",
+          "tests/close_old_findings_test.py",
+          "tests/credential_test.py",
+          "tests/dashboard_test.py",
+          "tests/dedupe_test.py",
+          "tests/endpoint_extended_test.py",
           "tests/endpoint_test.py",
+          "tests/engagement_checklist_test.py",
+          "tests/engagement_export_test.py",
+          "tests/engagement_extended_test.py",
+          "tests/engagement_presets_test.py",
           "tests/engagement_test.py",
           "tests/environment_test.py",
-          "tests/test_test.py",
-          "tests/user_test.py",
+          "tests/false_positive_history_test.py",
+          "tests/file_test.py",
+          "tests/finding_extended_test.py",
+          "tests/finding_group_test.py",
+          "tests/finding_test.py",
           "tests/group_test.py",
+          "tests/login_test.py",
+          "tests/metrics_extended_test.py",
+          "tests/note_type_test.py",
+          "tests/notes_test.py",
+          "tests/notification_webhook_test.py",
+          "tests/notifications_test.py",
+          "tests/object_test.py",
+          "tests/product_credential_test.py",
           "tests/product_group_test.py",
-          "tests/product_type_group_test.py",
           "tests/product_member_test.py",
+          "tests/product_metadata_test.py",
+          "tests/product_tag_metrics_test.py",
+          "tests/product_test.py",
+          "tests/product_type_group_test.py",
           "tests/product_type_member_test.py",
-          "tests/ibm_appscan_test.py",
+          "tests/product_type_test.py",
+          "tests/questionnaire_advanced_test.py",
+          "tests/questionnaire_test.py",
+          "tests/regulations_test.py",
+          "tests/reimport_scan_test.py",
+          "tests/report_builder_test.py",
+          "tests/risk_acceptance_test.py",
           "tests/search_test.py",
-          "tests/file_test.py",
-          "tests/dedupe_test.py",
-          "tests/announcement_banner_test.py",
-          "tests/close_old_findings_dedupe_test.py",
-          "tests/close_old_findings_test.py",
-          "tests/false_positive_history_test.py",
-          "tests/check_various_pages.py",
+          "tests/sla_configuration_test.py",
+          "tests/system_settings_test.py",
+          "tests/test_copy_test.py",
+          "tests/test_test.py",
+          "tests/test_type_test.py",
+          "tests/threat_model_test.py",
+          "tests/tool_config.py",
+          "tests/tool_product_test.py",
+          "tests/tool_type_test.py",
+          "tests/user_profile_test.py",
+          "tests/user_test.py",
           # "tests/import_scanner_test.py",
           # "tests/zap.py",
-          "tests/notifications_test.py",
-          "tests/tool_config.py",
-          "openapi-validatator",
         ]
         os: [alpine, debian]
         v3_feature_locations: [true, false]
 
@@ -16,18 +16,18 @@ jobs:
           # databases, broker and k8s are independent, so we don't need to test each combination
           # lastest k8s version (https://kubernetes.io/releases/) and the oldest officially supported version
           # are tested (https://kubernetes.io/releases/)
-          - k8s: 'v1.35.0' # renovate: datasource=github-releases depName=kubernetes/kubernetes versioning=loose
+          - k8s: 'v1.35.1' # renovate: datasource=github-releases depName=kubernetes/kubernetes versioning=loose
             os: debian
-          - k8s: '1.32.11' # renovate: datasource=custom.endoflife-oldest-maintained depName=kubernetes
+          - k8s: '1.32.12' # renovate: datasource=custom.endoflife-oldest-maintained depName=kubernetes
             os: debian
     steps:
       - name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Setup Minikube
-        uses: manusa/actions-setup-minikube@b589f2d61bf96695c546929c72b38563e856059d # v2.14.0
+        uses: manusa/actions-setup-minikube@8234275e0386fe1cdaf519d28c90f4f03fad89e4 # v2.15.0
         with:
-          minikube version: 'v1.38.0' # renovate: datasource=github-releases depName=kubernetes/minikube
+          minikube version: 'v1.38.1' # renovate: datasource=github-releases depName=kubernetes/minikube
           kubernetes version: ${{ matrix.k8s }}
           driver: docker
           start args: '--addons=ingress --cni calico'
 
@@ -69,7 +69,7 @@ jobs:
         # we cannot set any tags here, those are set on the merged digest in release-x-manual-merge-container-digests.yml
       - name: Build and push images
         id: build
-        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
+        uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
         env:
           DOCKER_BUILD_CHECKS_ANNOTATIONS: false
         with:
 
@@ -21,4 +21,4 @@ jobs:
         uses: suzuki-shunsuke/github-action-renovate-config-validator@ca480cb7ec89a9e1cd8c214ad33bda1617184027 # v2.0.0
         with:
           strict: "true"
-          validator_version: 42.92.5 # renovate: datasource=github-releases depName=renovatebot/renovate
+          validator_version: 43.24.0 # renovate: datasource=github-releases depName=renovatebot/renovate
@@ -20,9 +20,9 @@ jobs:
         with:
           ref: ${{ github.ref_name || 'dev'}}
 
-      - name: Run binary
+      - name: Run updater
         run: |
-          ./fixture-updater dojo/fixtures/defect_dojo_sample_data.json
+          scripts/fixture-updater.py dojo/fixtures/defect_dojo_sample_data.json
           mv output.json dojo/fixtures/defect_dojo_sample_data.json
 
       - name: Configure git
 
@@ -19,7 +19,7 @@ jobs:
       - name: Setup Node
         uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
         with:
-          node-version: '24.13.0' # TODO: Renovate helper might not be needed here - needs to be fully tested
+          node-version: '24.13.1' # TODO: Renovate helper might not be needed here - needs to be fully tested
 
       - name: Cache dependencies
         uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
 
@@ -5,7 +5,7 @@
 # Dockerfile.nginx to use the caching mechanism of Docker.
 
 # Ref: https://devguide.python.org/#branchstatus
-FROM python:3.13.11-alpine3.22@sha256:2fd93799bfc6381d078a8f656a5f45d6092e5d11d16f55889b3d5cbfdc64f045 AS base
+FROM python:3.13.12-alpine3.22@sha256:41351b07080ccfaa27bf38dde20de79ee6a0ac74a58c00c6d7a7d96ac4e69716 AS base
 FROM base AS build
 WORKDIR /app
 RUN \