docker compose: switch to Valkey as message broker#13331
Merged
DryRunSecurity / General Security Analyzer
succeeded
Oct 27, 2025 in 1m 10s
DryRun Security
Details
General Security Analyzer Findings: 1 detected
⚠️ Hardcoded Default Secrets docker-compose.yml (click for details)
| Type | Hardcoded Default Secrets |
| Description | The docker-compose.yml file contains hardcoded default values for DD_SECRET_KEY and DD_CREDENTIAL_AES_256_KEY. While these are intended as defaults for development environments, their presence in a file that could be used for production deployments without explicit overrides poses a risk. If these values are not overridden, an attacker who knows these default keys could compromise session integrity and decrypt sensitive credentials. |
| Filename | docker-compose.yml |
| CodeLink | django-DefectDojo/docker-compose.yml Lines 53 to 54 in 5440c51 |
Loading