helm/securecodebox/persistence-defectdojo 4.14.0

v4.14.0

on Artifact Hub

What's Changed

🚀 Features

• Added Scan Metadata to Findings by @Ilyesbdlala in #2909

🚓 Security Scanner

• Upgraded gitleaks from v8.23.3 to v8.24.0 @secureCodeBoxBot (#2914)
• Upgraded semgrep from 1.106.0 to 1.113.0 @secureCodeBoxBot (#2889, #2902, #2913, #2923, #2928, #2948)
• Upgraded trivy from 0.59.0 to 0.60.0 @secureCodeBoxBot (#2888, #2930)
• Upgraded trivy-sbom from 0.59.0 to 0.60.0 @secureCodeBoxBot (#2887, #2931)
• Upgraded wpscan from v3.8.27 to v3.8.28 @secureCodeBoxBot (#2922)

⚓️ Hooks

• Improve Error Handling in DefectDojo Persistence Provider by @Weltraumschaf in #2833

🐛 Bug Fixes

• Fix http-webhook chart by @muffl0n in #2878
• Remove vagrant by @Weltraumschaf in #2894
• Handle conflict errors when updating Scan status by @Ilyesbdlala in #2901
• Remove underscore in container name by @Reet00 in #2903
• Allow configuration of imagePullSecret for all trivy components by @K4iM4k3r in #2929
• Adjust logs for Container AutoDiscovery by @BorisShek in #2932

📚 Documentation

• Clarify Container AutoDiscovery being disable by default @BorisShek in #2924

🔧 Maintenance

• Insert missing link in hook documentation by @Ilyesbdlala in #2911
• Handle conflict with ScheduledScan status updates with retry logic by @Ilyesbdlala in #2910
• Moved Upgrading.md to the documentation website by @Ilyesbdlala in #2915

📌 Dependencies

• Update version of minio chart used by default operator install by @J12934 in #2891
• Bump the gradle-version-updates group across 1 directory with 3 updates by @dependabot in #2868
• Update operators to latest kubebuilder versions by @J12934 in #2890
• Bump the npm-version-updates group in /documentation with 2 updates by @dependabot in #2899
• Bump io.freefair.lombok from 8.12 to 8.12.1 in /hooks/persistence-defectdojo/hook in the gradle-version-updates group by @dependabot in #2898
• Bump the npm-version-updates group in /documentation with 4 updates by @dependabot in #2907
• Bump org.springframework:spring-web from 6.2.2 to 6.2.3 in /hooks/persistence-defectdojo/hook in the gradle-version-updates group by @dependabot in #2906
• Bump serialize-javascript from 6.0.1 to 6.0.2 in /documentation in the npm-security-updates group by @dependabot in #2908
• Bump jsonpath-plus from 10.2.0 to 10.3.0 in /hooks by @dependabot in #2912
• Bump @types/node from 22.13.4 to 22.13.5 in /documentation in the npm-version-updates group by @dependabot in #2917
• Bump the npm-version-updates group in /documentation with 3 updates by @dependabot in #2925
• Bump prismjs from 1.29.0 to 1.30.0 in /documentation in the npm-security-updates group by @dependabot in #2937
• Bump golang.org/x/net from 0.30.0 to 0.36.0 in /lurker by @dependabot in #2941
• Bump @babel/helpers from 7.26.0 to 7.26.10 in /hooks by @dependabot in #2943
• Bump the npm-security-updates group in /documentation with 2 updates by @dependabot in #2944

New Contributors

• @muffl0n made their first contribution in #2878
• @K4iM4k3r made their first contribution in #2929

Full Changelog: v4.13.0...v4.14.0