Merge branch 'dev' into finding-group-push-individual-jira

Jino-T · web-flow · commit 5795099641f8 · 2025-10-30T16:46:52.000-05:00
diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml
@@ -21,7 +21,7 @@ jobs:
       - name: Setup Node
         uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
         with:
-          node-version: '24.10.0' # TODO: Renovate helper might not be needed here - needs to be fully tested
+          node-version: '24.11.0' # TODO: Renovate helper might not be needed here - needs to be fully tested
 
       - name: Cache dependencies
         uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml
@@ -21,4 +21,4 @@ jobs:
         uses: suzuki-shunsuke/github-action-renovate-config-validator@c22827f47f4f4a5364bdba19e1fe36907ef1318e # v1.1.1
         with:
           strict: "true"
-          validator_version: 41.163.6 # renovate: datasource=github-releases depName=renovatebot/renovate
+          validator_version: 41.165.5 # renovate: datasource=github-releases depName=renovatebot/renovate
diff --git a/.github/workflows/validate_docs_build.yml b/.github/workflows/validate_docs_build.yml
@@ -18,7 +18,7 @@ jobs:
       - name: Setup Node
         uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
         with:
-          node-version: '24.10.0' # TODO: Renovate helper might not be needed here - needs to be fully tested
+          node-version: '24.11.0' # TODO: Renovate helper might not be needed here - needs to be fully tested
 
       - name: Cache dependencies
         uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
diff --git a/docs/content/en/open_source/ldap-authentication.md b/docs/content/en/open_source/ldap-authentication.md
@@ -7,12 +7,12 @@ weight: 4
 
 ## LDAP Authentication
 
-Out of the box Defect Dojo does not support LDAP authentication.
+Out of the box DefectDojo does not support LDAP authentication.
 
-*However*, since Defect Dojo is built using Django, it isn't too difficult to add support for LDAP.
+*However*, since DefectDojo is built using Django, it isn't too difficult to add support for LDAP.
 So long as you don't mind building your own Docker images...
 
-We will need to modify a grand total of 4-5 files, depending on how you want to pass Dojo your LDAP secrets.
+We will need to modify a grand total of 4-5 files, depending on how you want to pass DefectDojo your LDAP secrets.
 
  - Dockerfile.django-*
  - Dockerfile.nginx-*
@@ -23,7 +23,14 @@ We will need to modify a grand total of 4-5 files, depending on how you want to
 
 #### Dockerfile modifications
 
-In both Dockerfile.django and Dockerfile.nginx, you want to add the following lines to the apt-get install layers:
+In both `Dockerfile.django-alpine` and `Dockerfile.nginx-alpine`, you need to add the following lines to the `apk add` layers:
+
+```bash
+openldap-dev \
+cyrus-sasl-dev \
+```
+
+Also, in `Dockerfile.django-debian`, you need to add the following lines to the `apt-get install` layers:
 
 ```bash
 libldap2-dev \
@@ -42,8 +49,8 @@ Please check for the latest version of these requirements at the time of impleme
 Otherwise add the following to requirements.txt:
 
 ```python
-python-ldap==3.4.2
-django-auth-ldap==4.1.0
+python-ldap==3.4.5
+django-auth-ldap==5.2.0
 ```
 
 
@@ -55,21 +62,25 @@ At the top of the file:
 ```python
 import ldap
 from django_auth_ldap.config import LDAPSearch, GroupOfNamesType
+import environ
 ```
 
 Then further down add LDAP settings to the env dict:
 ```python
 # LDAP
-DD_LDAP_SERVER_URI=(str, 'ldap://ldap.example.com'),
-DD_LDAP_BIND_DN=(str, ''),
-DD_LDAP_BIND_PASSWORD=(str, ''),
+env = environ.FileAwareEnv(
+    DD_LDAP_SERVER_URI=(str, 'ldap://ldap.example.com'),
+    DD_LDAP_BIND_DN=(str, ''),
+    DD_LDAP_BIND_PASSWORD=(str, ''),
+)
 ```
 
 Then under the env dict add:
 ```python
 AUTH_LDAP_SERVER_URI = env('DD_LDAP_SERVER_URI')
 AUTH_LDAP_BIND_DN = env('DD_LDAP_BIND_DN')
 AUTH_LDAP_BIND_PASSWORD = env('DD_LDAP_BIND_PASSWORD')
+
 AUTH_LDAP_USER_SEARCH = LDAPSearch(
     "ou=Groups,dc=example,dc=com", ldap.SCOPE_SUBTREE, "(uid=%(user)s)"
 )
@@ -116,7 +127,7 @@ Read the docs for Django Authentication with LDAP here: https://django-auth-ldap
 
 #### docker-compose.yml
 
-In order to pass the variables to the local_settings.py file via docker, it's a good idea to add these to the docker compose file.
+In order to pass the variables to the `local_settings.py` file via docker, it's a good idea to add these to the `docker-compose.yml` file.
 
 You can do this by adding the following variables to the environment section for the uwsgi image:
 ```yaml
@@ -125,4 +136,4 @@ DD_LDAP_BIND_DN: "${DD_LDAP_BIND_DN:-}"
 DD_LDAP_BIND_PASSWORD: "${DD_LDAP_BIND_PASSWORD:-}"
 ```
 
-Alternatively you can set these values in a local_settings.py file.
+Alternatively you can set these values in a `local_settings.py` file.
diff --git a/dojo/api_v2/serializers.py b/dojo/api_v2/serializers.py
@@ -1692,6 +1692,9 @@ class FindingSerializer(serializers.ModelSerializer):
         many=True, read_only=True, source="risk_acceptance_set",
     )
     push_to_jira = serializers.BooleanField(default=False)
+    found_by = serializers.PrimaryKeyRelatedField(
+        queryset=Test_Type.objects.all(), many=True,
+    )
     age = serializers.IntegerField(read_only=True)
     sla_days_remaining = serializers.IntegerField(read_only=True, allow_null=True)
     finding_meta = FindingMetaSerializer(read_only=True, many=True)
@@ -1774,6 +1777,16 @@ def update(self, instance, validated_data):
         if parsed_vulnerability_ids:
             save_vulnerability_ids(instance, parsed_vulnerability_ids)
 
+        # Get found_by from validated_data
+        found_by = validated_data.pop("found_by", None)
+        # Handle updates to found_by data
+        if found_by:
+            instance.found_by.set(found_by)
+        # If there is no argument entered for found_by, the user would like to clear out the values on the Finding's found_by field
+        # Findings still maintain original found_by value associated with their test
+        # In the event the user does not supply the found_by field at all, we do not modify it
+        elif isinstance(found_by, list) and len(found_by) == 0:
+            instance.found_by.clear()
         instance = super().update(
             instance, validated_data,
         )
diff --git a/requirements.txt b/requirements.txt
@@ -43,7 +43,7 @@ titlecase==2.4.1
 social-auth-app-django==5.6.0
 social-auth-core==4.8.1
 gitpython==3.1.45
-python-gitlab==6.5.0
+python-gitlab==7.0.0
 cpe==1.3.1
 packageurl-python==0.17.5
 django-crum==0.7.9
@@ -62,7 +62,7 @@ django-ratelimit==4.1.0
 argon2-cffi==25.1.0
 blackduck==1.1.3
 pycurl==7.45.7  # Required for Celery Broker AWS (SQS) support
-boto3==1.40.60  # Required for Celery Broker AWS (SQS) support
+boto3==1.40.62  # Required for Celery Broker AWS (SQS) support
 netaddr==1.3.0
 vulners==3.1.1
 fontawesomefree==6.6.0
diff --git a/run-unittest.sh b/run-unittest.sh
@@ -17,6 +17,14 @@ usage() {
   echo "You must specify a test case (arg)!"
   echo "Any additional arguments will be passed to the test command."
   echo
+  echo "Make sure you run this script in dev mode."
+  echo "You can enter dev mode using the following command:"
+  echo "./docker/setEnv.sh dev"
+  echo
+  echo "Lastly, make sure the application is running by using the following docker commands:"
+  echo "docker compose build"
+  echo "docker compose up"
+  echo
   echo "Example commands:"
   echo "./run-unittest.sh --test-case unittests.tools.test_stackhawk_parser.TestStackHawkParser"
   echo "./run-unittest.sh --test-case unittests.tools.test_stackhawk_parser.TestStackHawkParser -v3 --failfast"
