Merge remote-tracking branch 'upstream/dev' into feature/import-preview

Author: valentijnscholten

components/package.json

@@ -1,6 +1,6 @@
 {
   "name": "defectdojo",
-  "version": "2.57.0-dev",
+  "version": "2.58.0-dev",
   "license" : "BSD-3-Clause",
   "private": true,
   "dependencies": {

docs/assets/images/Product_Hierarchy_Overview.png

@@ -0,0 +1,7 @@
+---
+title: 'Upgrading to DefectDojo Version 2.58.x'
+toc_hide: true
+weight: -20260406
+description: No special instructions.
+---
+There are no special instructions for upgrading to 2.58.x. Check the [Release Notes](https://github.com/DefectDojo/django-DefectDojo/releases/tag/2.58.0) for the contents of the release.

docs/assets/images/Product_Hierarchy_Overview_2.png

@@ -23,6 +23,6 @@ This is the essence of DefectDojo - import security data, organize it, and prese
 All of these features can be automated, and because DefectDojo can handle over 200 tools (at time of writing) you should be all set to create a functional security inventory of your entire organizational output.
 
 ### Open-Source Features
-- Does your organization use Jira? Learn how to use our [Jira integration](/issue_tracking/jira/jira_guide/) to create Jira tickets from the data you ingest.
+- Does your organization use Jira? Learn how to use our [Jira integration](/issue_tracking/jira/os__jira_guide/) to create Jira tickets from the data you ingest.
 - Are you expecting to share DefectDojo with many users in your organization? Check out our guides to [user management](/admin/user_management/about_perms_and_roles/) and set up role-based access control (RBAC).
 - Ready to dive into automation? Learn how to use the [DefectDojo API](/import_data/import_scan_files/api_pipeline_modelling/) to automatically import new data, and build a robust CI/CD pipeline.

docs/content/en/open_source/upgrading/2.58.md

@@ -21,7 +21,7 @@ DefectDojo is meant to be the central source of truth for your organization's se
 
 - Allowing users to identify duplicate findings across scans and tools, minimizing alert fatigue.
 - Enforcing SLAs on vulnerabilities, ensuring that your organization handles each Finding within an appropriate timeframe.
-- Sending tickets to [Jira](/issue_tracking/jira/jira_guide/), ServiceNow or other Project Tracking software, allowing your development team to integrate issue remediation into their standard release process without requiring them to learn another project management tool.
+- [Sending tickets](/issue_tracking/intro/intro/) to Jira, ServiceNow or other Project Tracking software, allowing your development team to integrate issue remediation into their standard release process without requiring them to learn another project management tool.
 - Integrating into automated [CI/CD pipelines](/import_data/import_scan_files/api_pipeline_modelling/) to automatically ingest report data from repositories, even down to the branch level.
 - Creating [reports](/metrics_reports/reports/using_the_report_builder/) on any set of vulnerabilities or software context, to quickly share scan results or status updates with stakeholders.
 - Establishing acceptance and mitigation workflows, supporting formal risk-management tracking.
@@ -129,6 +129,6 @@ DefectDojo Pro users also have access to [executive-level Metrics dashboards](/g
 
 ### How can I integrate a project management tool with DefectDojo?
 
-In both Pro and Open-Source editions of DefectDojo, Findings in DefectDojo can be pushed to Jira as Issues, which allows you to integrate issue remediation with your development team.  We have a [complete guide to Jira](/issue_tracking/jira/jira_guide/) written which describes the process in detail.
+In both Pro and Open-Source editions of DefectDojo, Findings in DefectDojo can be pushed to Jira as Issues, which allows you to integrate issue remediation with your development team.
 
 DefectDojo Pro adds support for [Additional Project Tracking Integrations](/issue_tracking/intro/intro/)**: ServiceNow, Azure DevOps, GitHub and GitLab.

docs/content/get_started/about/OS__new_user_checklist.md

@@ -65,7 +65,7 @@ Using the 'Push To Jira' workflow triggers an asynchronous process, however an I
 
 Common reasons issues are not created:
 * The Default Issue Type you have selected is not usable with the Jira Space
-* Issues in the Space have required attributes that prevent them from being created via DefectDojo (see our guide to [Custom Fields](../jira_guide/#custom-fields-in-jira))
+* Issues in the Space have required attributes that prevent them from being created via DefectDojo (which can be handled via Custom Fields in Jira)
 
 
 ## Error: Product Misconfigured or no permissions in Jira?
@@ -77,11 +77,11 @@ This error message can appear when attempting to add a created Jira configuratio
 
 ## Changes made to Jira issues are not updating Findings in DefectDojo
 
-* Start by confirming that the [DefectDojo webhook receiver](../jira_guide/#step-3-configure-bidirectional-sync-jira-webhook) is configured correctly and can successfully receive updates.
+* Start by confirming that the DefectDojo webhook receiver is configured correctly and can successfully receive updates.
 
 * Ensure the SSL certificate used by Defect Dojo is trusted by JIRA. For JIRA Cloud you must use [a valid SSL/TLS certificate, signed by a globally trusted certificate authority](https://developer.atlassian.com/cloud/jira/platform/deprecation-notice-registering-webhooks-with-non-secure-urls/)
 
-* If you're trying to push status changes, confirm that Jira transition mappings are set up correctly (Reopen / Close [Transition IDs](../jira_guide/#step-3-configure-bidirectional-sync-jira-webhook)).
+* If you're trying to push status changes, confirm that Jira transition mappings are set up correctly (Reopen / Close Transition IDs).
 
 * [Test](https://support.atlassian.com/jira/kb/testing-webhooks-in-jira-cloud/) your JIRA webhook using a public endpoint such as Pipedream or Beeceptor:
 

docs/content/get_started/about/faq.md

@@ -0,0 +1,39 @@
+---
+title: 'Upgrading to DefectDojo Version 2.57.x'
+toc_hide: true
+weight: -20260406
+description: Deprecation of Credential Manager and Stub Findings
+---
+
+## Deprecation: Credential Manager
+
+The Credential Manager feature is being deprecated and will be removed in DefectDojo 2.59.0 on June 1st, 2026. The following API endpoints are affected:
+
+- `/api/v2/credentials/`
+- `/api/v2/credential_mappings/`
+
+### Required Actions
+
+Support for the Credential Manager will be fully removed in DefectDojo 2.59.0 (scheduled for June 1st, 2026). After this date, any requests to these endpoints will return a 404 Not Found error and the Credential Manager UI will no longer be available.
+
+### Timeline
+
+- **DefectDojo 2.57.x onwards**: Credential Manager is deprecated with deprecation headers on API endpoints
+- **DefectDojo 2.59.0 (June 1st, 2026)**: Credential Manager will be removed entirely
+
+## Deprecation: Stub Findings
+
+The Stub Findings feature is being deprecated and will be removed in DefectDojo 2.59.0 on June 1st, 2026. The following API endpoint is affected:
+
+- `/api/v2/stub_findings/`
+
+### Required Actions
+
+Support for Stub Findings will be fully removed in DefectDojo 2.59.0 (scheduled for June 1st, 2026). After this date, any requests to this endpoint will return a 404 Not Found error and the Stub Findings UI will no longer be available.
+
+### Timeline
+
+- **DefectDojo 2.57.x onwards**: Stub Findings is deprecated with deprecation headers on API endpoints
+- **DefectDojo 2.59.0 (June 1st, 2026)**: Stub Findings will be removed entirely
+
+For more information, check the [Release Notes](https://github.com/DefectDojo/django-DefectDojo/releases/tag/2.57.0).