DefectDojo · rossops · Mar 30, 2026 · Mar 23, 2026 · Mar 24, 2026 · Mar 24, 2026
@@ -76,7 +76,7 @@ jobs:
           # "tests/import_scanner_test.py",
           # "tests/zap.py",
         ]
-        os: [alpine, debian]
+        os: [debian]
         v3_feature_locations: [true, false]
         exclude:
           # standalone create endpoint page is gone in v3

@@ -23,13 +23,13 @@ jobs:
         uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
         with:
           path: built-docker-image
-          pattern: built-docker-image-django-alpine-linux-amd64
+          pattern: built-docker-image-django-debian-linux-amd64
           merge-multiple: true
 
       - name: Load docker images
         timeout-minutes: 10
         run: |
-          docker load -i built-docker-image/django-alpine-linux-amd64_img
+          docker load -i built-docker-image/django-debian-linux-amd64_img
           docker images
 
       - name: Set unit-test mode
@@ -45,7 +45,7 @@ jobs:
             -f docker/docker-compose.override.performance_tests_cicd.yml \
             up -d --no-deps uwsgi
         env:
-          DJANGO_VERSION: alpine
+          DJANGO_VERSION: debian
 
       - name: Run performance tests (auto-update counts)
         timeout-minutes: 15

@@ -16,7 +16,7 @@ jobs:
     runs-on: ${{ inputs.platform ==  'linux/arm64' && 'ubuntu-24.04-arm' || 'ubuntu-latest' }}
     strategy:
       matrix:
-        os: [alpine, debian]
+        os: [debian]
 
     steps:
       # Replace slashes so we can use this in filenames

@@ -18,6 +18,23 @@ See instructions in [DOCKER.md](<https://github.com/DefectDojo/django-DefectDojo
 
 [SaaS link](https://defectdojo.com/platform)
 
+---
+## **Docker Image Variants**
+---
+
+DefectDojo publishes Docker images in multiple variants:
+
+| | AMD64 | ARM64 |
+|---|---|---|
+| **Debian** | ✅ Supported | ⚠️ Unit tested |
+| **Alpine** | ⚠️ Community | ⚠️ Community |
+
+**Debian on AMD64** is the officially supported and tested configuration. All CI tests (unit, integration, and performance) run against this combination.
+
+**Debian on ARM64** is built and covered by unit tests in CI, but integration and performance tests are not run against it.
+
+The **Alpine** variants are built and published but are not covered by any automated testing. Use them at your own risk.
+
 ---
 ## **Options for the brave (not officially supported)**
 ---

@@ -0,0 +1,11 @@
+---
+title: 'Upgrading to DefectDojo Version 2.56.4'
+toc_hide: true
+weight: -20260319
+description: JFrog Xray API Summary Artifact parser deduplication
+---
+
+## JFrog Xray API Summary Artifact parser deduplication
+Deduplication of JFrog Xray API Summary Artifact findings is improved for newly imported findings.  
+
+To apply this on existing data, you need to recompute the hashes for this specific parser [see docs](https://docs.defectdojo.com/triage_findings/finding_deduplication/os__deduplication_tuning/#after-changing-deduplication-settings).
@@ -76,13 +76,44 @@ def apply_async(self, args=None, kwargs=None, **options):
         return super().apply_async(args=args, kwargs=kwargs, **options)
 
 
-class PgHistoryTask(DojoAsyncTask):
+class PluggableContextTask(DojoAsyncTask):
+
+    """
+    Extends DojoAsyncTask with pluggable context managers loaded from settings.
+
+    CELERY_TASK_CONTEXT_MANAGERS is a list of dotted paths to callables that
+    return context managers. Each task execution is wrapped in all of them.
+    This replaces the celery signal-based approach (task_prerun/task_postrun)
+    which does not work reliably with prefork worker pools.
+    """
+
+    def __call__(self, *args, **kwargs):
+        from contextlib import ExitStack  # noqa: PLC0415
+
+        from django.utils.module_loading import import_string  # noqa: PLC0415
+
+        cm_paths = getattr(settings, "CELERY_TASK_CONTEXT_MANAGERS", [])
+        if not cm_paths:
+            return super().__call__(*args, **kwargs)
+
+        # ExitStack ensures all entered context managers are properly exited
+        # (via __exit__) even if the task raises an exception, so cleanup
+        # and batch dispatch always happen.
+        with ExitStack() as stack:
+            for path in cm_paths:
+                cm_factory = import_string(path)
+                stack.enter_context(cm_factory())
+            return super().__call__(*args, **kwargs)
+
+
+class PgHistoryTask(PluggableContextTask):
 
     """
     Custom Celery base task that automatically applies pghistory context.
 
-    This class inherits from DojoAsyncTask to provide:
+    This class inherits from PluggableContextTask to provide:
     - User context injection and task tracking (from DojoAsyncTask)
+    - Pluggable context managers from settings (from PluggableContextTask)
     - Automatic pghistory context application (from this class)
 
     When a task is dispatched via dojo_dispatch_task or dojo_async_task, the current