Release: Merge release into master from: release/2.56.3#14577
Merged
Release: Merge release into master from: release/2.56.3#14577
Conversation
….57.0-dev Release: Merge back 2.56.2 into bugfix from: master-into-bugfix/2.56.2-2.57.0-dev
* implement lychee * pass unit tests * update contribution guidelines for docs * [doc] close_old_findings diff between import types * remove usage docs from open_source/archive * move docs archive up a folder * rules engine is pro only * create a single notification_webhooks article * mv remaining open_source articles * chore: normalize line endings to LF per .gitattributes * fix links * remove redundant upgrade file
Drop System_Settings "credentials" field
* Change dependabot and renovate schedules from daily to weekly on Wednesdays Reduces noise from dependency update PRs by limiting both dependabot and renovate to run once per week on Wednesdays instead of daily. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Pin Hugo version and prevent automated update PRs Remove Renovate annotations from Hugo version lines in workflow files and add gohugoio/hugo to ignoreDeps in renovate.json to prevent Dependabot/Renovate from opening PRs to bump the Hugo version. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* Fix import-languages endpoint 500 errors and optimize performance The /api/v2/import-languages/ endpoint was producing 500 errors due to database integrity issues on Language_Type and Languages models. This commit addresses both reliability and performance. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix ruff lint errors in serializer and migration Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Consolidate two migrations into single 0262_language_type_unique_language Combines the data deduplication (RunPython) and schema change (AlterField) into a single migration file. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix test fixtures conflicting with Language_Type unique constraint Remove Language_Type entries from test fixtures that duplicate languages already seeded by migration 0115_language_types. Update Languages FK references to point to the correct seeded Language_Type PKs. - dojo_testdata.json: Remove JSON (pk=1) and Python (pk=2) Language_Type entries, update Languages FK from pk=1 to pk=94 (seeded JSON pk) - dojo_testdata_locations.json: Same changes - defect_dojo_sample_data.json: Remove 3 conflicting Language_Type entries (DOS Batch, InstallShield, Ruby) with PKs that differ from seed data - defect_dojo_sample_data_locations.json: Same changes Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Renumber migration from 0262 to 0263 to avoid conflict Migration 0262_remove_system_settings_credentials was merged to the bugfix branch. Renumber our migration to 0263 and update the dependency chain and max_migration.txt accordingly. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Extended migration steps for PostgreSQL data after upgrading to 2.55.4.
… tie (#14562) * fix: deterministic order when deleting excess duplicate findings order_by("date") does not define order for rows with identical dates. Add id as secondary sort so async_dupe_delete removes oldest duplicates first (by date, then id), matching documented behavior. * test: cover async_dupe_delete ordering when duplicate dates match Add test_delete_duplicate_order_same_date_tiebreak_by_id; lower-id duplicate is removed first when max_dupes is exceeded and date ties.
|
This pull request modifies a sensitive file path (dojo/celery.py) flagged by the configured codepaths check; the scanner reports this as a failing error indicating sensitive edits and suggests configuring allowed paths/authors in .dryrunsecurity.yaml. Please review the change carefully or update .dryrunsecurity.yaml to permit this edit.
🔴 Configured Codepaths Edit in
|
| Vulnerability | Configured Codepaths Edit |
|---|---|
| Description | Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml. |
We've notified @mtesauro.
Comment to provide feedback on these findings.
Report false positive: @dryrunsecurity fp [FINDING ID] [FEEDBACK]
Report low-impact: @dryrunsecurity nit [FINDING ID] [FEEDBACK]
Example: @dryrunsecurity fp drs_90eda195 This code is not user-facing
All finding details can be found in the DryRun Security Dashboard.
github-actions
bot
added
New Migration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Release triggered by
rossops