DefectDojo
diff --git a/‎.github/workflows/gh-pages.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/gh-pages.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/release-x-manual-helm-chart.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/release-x-manual-helm-chart.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/validate_docs_build.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/validate_docs_build.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎Dockerfile.nginx-alpine‎
Lines changed: 1 addition & 1 deletion b/‎Dockerfile.nginx-alpine‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎Dockerfile.nginx-debian‎
Lines changed: 1 addition & 1 deletion b/‎Dockerfile.nginx-debian‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎components/package.json‎
Lines changed: 1 addition & 1 deletion b/‎components/package.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎components/yarn.lock‎
Lines changed: 9 additions & 9 deletions b/‎components/yarn.lock‎
Lines changed: 9 additions & 9 deletions
diff --git a/‎docker-compose.yml‎
Lines changed: 2 additions & 2 deletions b/‎docker-compose.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎docs/content/en/connecting_your_tools/parsers/file/mayhem.md‎
Lines changed: 19 additions & 0 deletions b/‎docs/content/en/connecting_your_tools/parsers/file/mayhem.md‎
Lines changed: 19 additions & 0 deletions
diff --git a/‎docs/content/en/connecting_your_tools/parsers/file/snyk_code.md‎
Lines changed: 1 addition & 2 deletions b/‎docs/content/en/connecting_your_tools/parsers/file/snyk_code.md‎
Lines changed: 1 addition & 2 deletions
@@ -21,7 +21,7 @@ jobs:
       - name: Setup Node
         uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
         with:
-          node-version: '22.17.0'
+          node-version: '22.17.1'
 
       - name: Cache dependencies
         uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
 
@@ -71,7 +71,7 @@ jobs:
              helm dependency update ./helm/defectdojo
 
       - name: Add yq
-        uses: mikefarah/yq@b534aa9ee5d38001fba3cd8fe254a037e4847b37 # v4.45.4
+        uses: mikefarah/yq@f03c9dc599c37bfcaf533427211d05e51e6fee64 # v4.47.1
 
       - name: Pin version docker version
         id: pin_image
 
@@ -18,7 +18,7 @@ jobs:
       - name: Setup Node
         uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
         with:
-          node-version: '22.17.0'
+          node-version: '22.17.1'
 
       - name: Cache dependencies
         uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
 
@@ -54,7 +54,7 @@ COPY manage.py ./
 COPY dojo/ ./dojo/
 RUN env DD_SECRET_KEY='.' python3 manage.py collectstatic --noinput && true
 
-FROM nginx:1.28.0-alpine3.21@sha256:aed99734248e851764f1f2146835ecad42b5f994081fa6631cc5d79240891ec9
+FROM nginx:1.28.0-alpine3.21@sha256:d83c0138ea82c9f05c4378a5001e0c71256b647603c10c186bd7697a4db722d3
 ARG uid=1001
 ARG appuser=defectdojo
 COPY --from=collectstatic /app/static/ /usr/share/nginx/html/static/
 
@@ -73,7 +73,7 @@ COPY dojo/ ./dojo/
 
 RUN env DD_SECRET_KEY='.' python3 manage.py collectstatic --noinput && true
 
-FROM nginx:1.28.0-alpine3.21@sha256:aed99734248e851764f1f2146835ecad42b5f994081fa6631cc5d79240891ec9
+FROM nginx:1.28.0-alpine3.21@sha256:d83c0138ea82c9f05c4378a5001e0c71256b647603c10c186bd7697a4db722d3
 ARG uid=1001
 ARG appuser=defectdojo
 COPY --from=collectstatic /app/static/ /usr/share/nginx/html/static/
 
@@ -13,7 +13,7 @@
     "chosen-js": "^1.8.7",
     "clipboard": "^2.0.11",
     "datatables.net": "^2.3.1",
-    "datatables.net-buttons-bs": "^3.2.3",
+    "datatables.net-buttons-bs": "^3.2.4",
     "datatables.net-colreorder": "^2.1.1",
     "drmonty-datatables-plugins": "^1.0.0",
     "drmonty-datatables-responsive": "^1.0.0",
 
@@ -187,19 +187,19 @@ datatables.net-bs@^2:
     datatables.net "2.3.2"
     jquery ">=1.7"
 
-datatables.net-buttons-bs@^3.2.3:
-  version "3.2.3"
-  resolved "https://registry.yarnpkg.com/datatables.net-buttons-bs/-/datatables.net-buttons-bs-3.2.3.tgz#989dfaebad1731fc72ebe1fc33bf9e94b365ec2a"
-  integrity sha512-1Td8OKEeyKB+W26pbqxUlea6NUoR0znQq2c2tqDfnCAWRBfJaNs2+xXBdYhylC5ACGmie1HieliS8kV9gAfY6w==
+datatables.net-buttons-bs@^3.2.4:
+  version "3.2.4"
+  resolved "https://registry.yarnpkg.com/datatables.net-buttons-bs/-/datatables.net-buttons-bs-3.2.4.tgz#7a883c3ee8c6428fb99e6e6e56c39d0051386039"
+  integrity sha512-wOljUlsJ4sU5pABim+cwbO61ZFRv4aak1PkNL812i/qFwIEcsji7uz59PAx1ZoP1YdNtetj4Vn7D5oTU+Ijedw==
   dependencies:
     datatables.net-bs "^2"
-    datatables.net-buttons "3.2.3"
+    datatables.net-buttons "3.2.4"
     jquery ">=1.7"
 
-datatables.net-buttons@3.2.3:
-  version "3.2.3"
-  resolved "https://registry.yarnpkg.com/datatables.net-buttons/-/datatables.net-buttons-3.2.3.tgz#26eae1f012fd5cfbfcf28dfbfd8a4b644ea8a4ae"
-  integrity sha512-K+WeQWUYVGe5c3Gwb8Gfi7YpUXbJEerik3B2vynnVKpBlYBF5AHTGbrK1Psek2q/mjxeIVNHafQ9eX2otLhJVw==
+datatables.net-buttons@3.2.4:
+  version "3.2.4"
+  resolved "https://registry.yarnpkg.com/datatables.net-buttons/-/datatables.net-buttons-3.2.4.tgz#c58cc0bb518da8738bec6e64a54c1135dc257141"
+  integrity sha512-anA39/R0kpHA2DOwqEHy/ZMXD5vf4tWmyNO0BnO0kJG7AFNvGTUCWBnBifXYg3G64U6JYpYY+MuTFKIB1/ZMTQ==
   dependencies:
     datatables.net "^2"
     jquery ">=1.7"
 
@@ -120,7 +120,7 @@ services:
           source: ./docker/extra_settings
           target: /app/docker/extra_settings
   postgres:
-    image: postgres:17.5-alpine@sha256:fbe21607052bb5c298674f2fd8cf044a63aa3ddf50b81627f894f91f40f50bcb
+    image: postgres:17.5-alpine@sha256:6567bca8d7bc8c82c5922425a0baee57be8402df92bae5eacad5f01ae9544daa
     environment:
       POSTGRES_DB: ${DD_DATABASE_NAME:-defectdojo}
       POSTGRES_USER: ${DD_DATABASE_USER:-defectdojo}
@@ -129,7 +129,7 @@ services:
       - defectdojo_postgres:/var/lib/postgresql/data
   redis:
     # Pinning to this version due to licensing constraints
-    image: redis:7.2.9-alpine@sha256:fce236b99c58ef7196c4e243e43f533b404d5c17239cae4e6e262b729a1952b3
+    image: redis:7.2.10-alpine@sha256:395ccd7ee4db0867de0d0410f4712a9e0331cff9fdbd864f71ec0f7982d3ffe6
     volumes:
       - defectdojo_redis:/data
 volumes:
 
@@ -0,0 +1,19 @@
+---
+title: "Mayhem SARIF Reports"
+toc_hide: true
+---
+Import for Mayhem generated SARIF reports. In general, the exiting
+SARIF report consumer should work, and for general cases does. However,
+since Mayhem is A. DAST and B. includes fuzzed data in the content of
+the report, a Mayhem-specific SARIF consumer is added.
+See more below: 
+[Mayhem SARIF Report (API)](https://docs.mayhem.security/api-testing/tutorials/identifying-api-issues/bug-reporting/#sarif-reports).
+[Mayhem SARIF Report (CI)](https://docs.mayhem.security/integrations/ci-integrations/github/#analyzing-sarif-reports).
+
+
+#### Parity with Existing SARIF Consumer
+
+The current implementation is mostly lifted from the existing SARIF parser support. As such, it will also aggregate all the findings in the SARIF file in one single report, and it also supports fingerprint deduplication.
+
+### Sample Scan Data
+Sample Mayhem SARIF reports can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/mayhem).
@@ -2,8 +2,7 @@
 title: "Snyk Code"
 toc_hide: true
 ---
-Snyk output file (snyk test \--json \> snyk.json) can be imported in
-JSON format. Only SCA (Software Composition Analysis) report is supported (SAST report not supported yet).
+Snyk output file (snyk code test \--sarif \> snyk.json) can be imported in JSON SARIF format. 
 
 ### Sample Scan Data
 Sample Snyk Code scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/snyk_code).