stevieg27
diff --git a/‎.github/workflows/plantuml.yml
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/plantuml.yml
Lines changed: 2 additions & 2 deletions
diff --git a/‎.gitignore
Lines changed: 2 additions & 1 deletion b/‎.gitignore
Lines changed: 2 additions & 1 deletion
diff --git a/‎Dockerfile.django
Lines changed: 2 additions & 1 deletion b/‎Dockerfile.django
Lines changed: 2 additions & 1 deletion
diff --git a/‎Dockerfile.nginx
Lines changed: 1 addition & 1 deletion b/‎Dockerfile.nginx
Lines changed: 1 addition & 1 deletion
diff --git a/‎README.md
Lines changed: 11 additions & 11 deletions b/‎README.md
Lines changed: 11 additions & 11 deletions
diff --git a/‎components/package.json
Lines changed: 6 additions & 4 deletions b/‎components/package.json
Lines changed: 6 additions & 4 deletions
diff --git a/‎components/yarn.lock
Lines changed: 36 additions & 28 deletions b/‎components/yarn.lock
Lines changed: 36 additions & 28 deletions
diff --git a/‎docker-compose.override.https.yml
Lines changed: 2 additions & 2 deletions b/‎docker-compose.override.https.yml
Lines changed: 2 additions & 2 deletions
diff --git a/‎docker-compose.override.unit_tests.yml
Lines changed: 1 addition & 1 deletion b/‎docker-compose.override.unit_tests.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎docker-compose.override.unit_tests_cicd.yml
Lines changed: 37 additions & 0 deletions b/‎docker-compose.override.unit_tests_cicd.yml
Lines changed: 37 additions & 0 deletions
diff --git a/‎docker-compose.yml
Lines changed: 5 additions & 7 deletions b/‎docker-compose.yml
Lines changed: 5 additions & 7 deletions
diff --git a/‎docker/cert.pem
Lines changed: 0 additions & 29 deletions b/‎docker/cert.pem
Lines changed: 0 additions & 29 deletions
diff --git a/‎docker/certs/readme.txt
Lines changed: 1 addition & 0 deletions b/‎docker/certs/readme.txt
Lines changed: 1 addition & 0 deletions
diff --git a/‎docker/entrypoint-celery-beat.sh
Lines changed: 1 addition & 2 deletions b/‎docker/entrypoint-celery-beat.sh
Lines changed: 1 addition & 2 deletions
diff --git a/‎docker/entrypoint-integration-tests.sh
Lines changed: 1 addition & 1 deletion b/‎docker/entrypoint-integration-tests.sh
Lines changed: 1 addition & 1 deletion
@@ -13,7 +13,7 @@ jobs:
       UML_FILES: ".puml"
     steps:
       - name: Checkout Source
-        uses: actions/checkout@v1
+        uses: actions/checkout@v2
       - name: Get changed UML files
         id: getfile
         run: |
@@ -30,7 +30,7 @@ jobs:
         with:
           args: -v -tpng ${{ steps.getfile.outputs.files }}
       - name: Push Local Changes
-        uses: stefanzweifel/git-auto-commit-action@v4.1.2
+        uses: stefanzweifel/git-auto-commit-action@v4.7.2
         with:
           commit_user_name: "PlantUML_bot"
           commit_user_email: "[email protected]"
 
@@ -116,7 +116,8 @@ Pipfile*
 
 
 #ignore locally added certs
-certs/
+docker/certs/*
+!docker/certs/readme.txt
 
 # Helm dependencies
 helm/defectdojo/charts
 
@@ -67,7 +67,7 @@ COPY \
   docker/entrypoint-unit-tests.sh \
   docker/entrypoint-unit-tests-devDocker.sh \
   docker/wait-for-it.sh \
-  certs/* \
+  docker/certs/* \
   /
 COPY wsgi.py manage.py tests/unit-tests.sh ./
 COPY dojo/ ./dojo/
@@ -76,6 +76,7 @@ RUN \
   cp dojo/settings/settings.dist.py dojo/settings/settings.py
 COPY tests/ ./tests/
 RUN \
+  rm -f /readme.txt && \
   mkdir -p dojo/migrations && \
   chmod g=u dojo/migrations && \
   true
 
@@ -64,7 +64,7 @@ RUN \
   python3 manage.py collectstatic --noinput && \
   true
 
-FROM nginx:1.19.2-alpine@sha256:4635b632d2aaf8c37c8a1cf76a1f96d11b899f74caa2c6946ea56d0a5af02c0c
+FROM nginx:1.19.3-alpine@sha256:a3c6118edc80de4a5aaf2711b7742c25d4d2da54325bae465205cb386afa79ee
 ARG uid=1001
 ARG appuser=defectdojo
 COPY --from=collectstatic /app/static/ /usr/share/nginx/html/static/
 
@@ -13,15 +13,6 @@ product and application information, schedule scans, triage vulnerabilities and
 push findings into defect trackers.
 Consolidate your findings into one source of truth with DefectDojo.
 
-## Demo
-
-Try out DefectDojo in our
-[testing environment](https://defectdojo.herokuapp.com/) with the following
-credentials.
-
-* admin / defectdojo@demo#appsec
-* product_manager / defectdojo@demo#product
-
 ## Quick Start
 
 ```sh
@@ -31,6 +22,8 @@ cd django-DefectDojo
 docker-compose build
 # running
 docker-compose up
+# obtain admin credentials
+docker-compose logs initializer | grep "Admin password:"
 ```
 
 Navigate to <http://localhost:8080>.
@@ -56,8 +49,15 @@ We've also created some example
 [workflows](https://defectdojo.readthedocs.io/en/latest/workflows.html) that
 should give you an idea of how to use DefectDojo for your own team.
 
+## REST APIs
+
+> ** Deprecation notice ** apiv1 is deprecated and EOS is on 12-31-2020. EOL is planned for 06-30-2021.
+> Please move on to apiv2 and raise issues for any unsupported operations.
+
+Defectdojo can be accessed through a Swagger REST API. Please see [the API documentation](https://defectdojo.readthedocs.io/en/latest/api-v2-docs.html) or the in-app Swagger documentation.
+
 ## Client APIs and wrappers
-This section presents different ways to programmatically interact with defectdojo APIs.
+This section presents different ways to programmatically interact with DefectDojo APIs.
 
 See [Wrappers](WRAPPERS.md)
 
@@ -109,7 +109,7 @@ Project Moderators can help you with pull requests or feedback on dev ideas.
 * Jannik Jürgens
 * [Fred Blaise](https://www.linkedin.com/in/fredblaise/)
 * Saurabh kumar
-* Cody Maffucci 
+* Cody Maffucci
 * Pascal Trovatelli / [Sopra Steria](https://www.soprasteria.com/)
 
 ## Hall of Fame
 
@@ -1,4 +1,6 @@
 {
+  "name": "DefectDojo",
+  "version": "1.9.0-dev",
   "dependencies": {
     "JUMFlot": "jumjum123/JUMFlot#*",
     "bootstrap": "^3.4.0",
@@ -11,13 +13,13 @@
     "components-jqueryui": "^1.0.0",
     "datatables.net": "^1.10.22",
     "datatables.net-bs": "^1.10.22",
-    "datatables.net-buttons-bs": "^1.6.4",
-    "datatables.net-buttons-dt": "^1.6.4",
+    "datatables.net-buttons-bs": "^1.6.5",
+    "datatables.net-buttons-dt": "^1.6.5",
     "datatables.net-colreorder": "^1.5.2",
     "datatables.net-dt": "^1.10.22",
     "drmonty-datatables-plugins": "^1.0.0",
     "drmonty-datatables-responsive": "^1.0.0",
-    "easymde": "^2.11.0",
+    "easymde": "^2.12.1",
     "flot": "flot/flot#~0.8.3",
     "flot-axis": "markrcote/flot-axislabels#*",
     "font-awesome": "^4.0.0",
@@ -31,7 +33,7 @@
     "jszip": "^3.5.0",
     "justgage": "^1.4.0",
     "metismenu": "~3.0.6",
-    "moment": "^2.29.0",
+    "moment": "^2.29.1",
     "morris.js": "morrisjs/morris.js",
     "pdfmake": "^0.1.68",
     "startbootstrap-sb-admin-2": "1.0.7"
 
@@ -163,10 +163,10 @@ [email protected]:
   dependencies:
     typo-js "*"
 
-codemirror@^5.55.0:
-  version "5.55.0"
-  resolved "https://registry.yarnpkg.com/codemirror/-/codemirror-5.55.0.tgz#23731f641288f202a6858fdc878f3149e0e04363"
-  integrity sha512-TumikSANlwiGkdF/Blnu/rqovZ0Y3Jh8yy9TqrPbSM0xxSucq3RgnpVDQ+mD9q6JERJEIT2FMuF/fBGfkhIR/g==
+codemirror@^5.58.1:
+  version "5.58.1"
+  resolved "https://registry.yarnpkg.com/codemirror/-/codemirror-5.58.1.tgz#ec6bf38ad2a17f74c61bd00cc6dc5a69bd167854"
+  integrity sha512-UGb/ueu20U4xqWk8hZB3xIfV2/SFqnSLYONiM3wTMDqko0bsYrsAkGGhqUzbRkYm89aBKPyHtuNEbVWF9FTFzw==
 
 components-jqueryui@^1.0.0:
   version "1.12.1"
@@ -226,21 +226,21 @@ datatables.net-bs@^1.10.15, datatables.net-bs@^1.10.22:
     datatables.net "1.10.22"
     jquery ">=1.7"
 
-datatables.net-buttons-bs@^1.6.4:
-  version "1.6.4"
-  resolved "https://registry.yarnpkg.com/datatables.net-buttons-bs/-/datatables.net-buttons-bs-1.6.4.tgz#1c71d45ec552c702c2780cf8494cf883851978a1"
-  integrity sha512-tAdKu20U9M6AMwaGcMomQvzkQjXlK10ajDu+JesE8mwu2g7VPMKL2sm2rn5Vj3SjofbixgnEIFvwsEcYjGOi/Q==
+datatables.net-buttons-bs@^1.6.5:
+  version "1.6.5"
+  resolved "https://registry.yarnpkg.com/datatables.net-buttons-bs/-/datatables.net-buttons-bs-1.6.5.tgz#4689d348effa4d18aed75f60dbfa9ae2e89d0ed8"
+  integrity sha512-T6YQNU4CnqLBAGqwepwXpqh405fdgNWzSP/sph8CulH3FCdG95oyxgS/6sTCZjS2B+GTwDhxOE9SM4LMCIs1lw==
   dependencies:
     datatables.net-bs "^1.10.15"
-    datatables.net-buttons "1.6.4"
+    datatables.net-buttons "1.6.5"
     jquery ">=1.7"
 
-datatables.net-buttons-dt@^1.6.4:
-  version "1.6.4"
-  resolved "https://registry.yarnpkg.com/datatables.net-buttons-dt/-/datatables.net-buttons-dt-1.6.4.tgz#6d970e3f0f3c51cc78a17acd8239bd6278394692"
-  integrity sha512-vpZgElAeaOpzIrb4XE0YoWgO2lLr67hVp+/hDw0/QhOhtP9nZidkclnlSIL8yxDjv3CLaKrVXuC8FtGbNF9kbw==
+datatables.net-buttons-dt@^1.6.5:
+  version "1.6.5"
+  resolved "https://registry.yarnpkg.com/datatables.net-buttons-dt/-/datatables.net-buttons-dt-1.6.5.tgz#55a1ebff030250fe9769d8898f6f916de999fd7f"
+  integrity sha512-BeuAvOp2pHyTC7WgectJ29APyno9b+90Jg7W4YeWK/G3bOmp+ZYx4/cr4XsnluAPfLQOsnLwoPx+LEc7B7BzAQ==
   dependencies:
-    datatables.net-buttons "1.6.4"
+    datatables.net-buttons "1.6.5"
     datatables.net-dt "^1.10.15"
     jquery ">=1.7"
 
@@ -252,6 +252,14 @@ [email protected]:
     datatables.net "^1.10.15"
     jquery ">=1.7"
 
+[email protected]:
+  version "1.6.5"
+  resolved "https://registry.yarnpkg.com/datatables.net-buttons/-/datatables.net-buttons-1.6.5.tgz#e7142b928ec9f5a6f9381bb965605c12e1610954"
+  integrity sha512-JmV1ncTbpiDXxU/e8ucFIbNLrmlGUrWrURBLI19Rd/rT+WSbH8TmLjoFVyTFuvC4PdzyLY2swEi+O1SC1ehGKQ==
+  dependencies:
+    datatables.net "^1.10.15"
+    jquery ">=1.7"
+
 datatables.net-colreorder@^1.5.2:
   version "1.5.2"
   resolved "https://registry.yarnpkg.com/datatables.net-colreorder/-/datatables.net-colreorder-1.5.2.tgz#c425cee1f88b3246be0363c67a152be743ca6bce"
@@ -330,14 +338,14 @@ duplexer2@~0.1.4:
   dependencies:
     readable-stream "^2.0.2"
 
-easymde@^2.11.0:
-  version "2.11.0"
-  resolved "https://registry.yarnpkg.com/easymde/-/easymde-2.11.0.tgz#544d27c6f265c8be15b4256957731c6de3a6a5b9"
-  integrity sha512-d7HtwPXqqARY6KMCMe0EWUfNvoMh/VzHystKZE35mkL7x4z6ZsVBIPyRviGxYyix2qkC3zFGh1A0uo9hLpNuBg==
+easymde@^2.12.1:
+  version "2.12.1"
+  resolved "https://registry.yarnpkg.com/easymde/-/easymde-2.12.1.tgz#61180370cd9c19b8e7c0123b5768a152688a7aab"
+  integrity sha512-4cYP+tK/vU9/KuiUskKnF9EM+DTvBe77EKduEu+HDa+nfRVVphZM76gfz2BjrWv8vbTJLOFcwlJ/NJ6+SzMApQ==
   dependencies:
-    codemirror "^5.55.0"
+    codemirror "^5.58.1"
     codemirror-spell-checker "1.1.2"
-    marked "^1.1.1"
+    marked "^1.2.0"
 
 es-abstract@^1.17.0-next.1, es-abstract@^1.17.5:
   version "1.17.6"
@@ -727,10 +735,10 @@ [email protected]:
   dependencies:
     sourcemap-codec "^1.4.1"
 
-marked@^1.1.1:
-  version "1.1.1"
-  resolved "https://registry.yarnpkg.com/marked/-/marked-1.1.1.tgz#e5d61b69842210d5df57b05856e0c91572703e6a"
-  integrity sha512-mJzT8D2yPxoPh7h0UXkB+dBj4FykPJ2OIfxAWeIHrvoHDkFxukV/29QxoFQoPM6RLEwhIFdJpmKBlqVM3s2ZIw==
+marked@^1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/marked/-/marked-1.2.0.tgz#7221ce2395fa6cf6d722e6f2871a32d3513c85ca"
+  integrity sha512-tiRxakgbNPBr301ihe/785NntvYyhxlqcL3YaC8CaxJQh7kiaEtrN9B/eK2I2943Yjkh5gw25chYFDQhOMCwMA==
 
 [email protected]:
   version "1.0.4"
@@ -749,10 +757,10 @@ minimist@^1.1.3:
   resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.5.tgz#67d66014b66a6a8aaa0c083c5fd58df4e4e97602"
   integrity sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==
 
-moment@^2.29.0:
-  version "2.29.0"
-  resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.0.tgz#fcbef955844d91deb55438613ddcec56e86a3425"
-  integrity sha512-z6IJ5HXYiuxvFTI6eiQ9dm77uE0gyy1yXNApVHqTcnIKfY9tIwEjlzsZ6u1LQXvVgKeTnv9Xm7NDvJ7lso3MtA==
+moment@^2.29.1:
+  version "2.29.1"
+  resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.1.tgz#b2be769fa31940be9eeea6469c075e35006fa3d3"
+  integrity sha512-kHmoybcPV8Sqy59DwNDY3Jefr64lK/by/da0ViFcuA4DH0vQg5Q6Ze5VimxkfQNSC+Mls/Kx53s7TjP1RhFEDQ==
 
 morris.js@morrisjs/morris.js:
   version "0.5.1"
 
@@ -6,8 +6,8 @@ services:
       USE_TLS: 'true'
       GENERATE_TLS_CERTIFICATE: 'true'
     ports:
-      - target: ${DD_PORT:-8443}
-        published: ${DD_PORT:-8443}
+      - target: 8443
+        published: ${DD_TLS_PORT:-8443}
         protocol: tcp
         mode: host
   uwsgi:
 
@@ -7,7 +7,7 @@ services:
       dockerfile: Dockerfile.busybox
     image: defectdojo/defectdojo-busybox:${NGINX_VERSION:-latest}
   uwsgi:
-    entrypoint: ['/wait-for-it.sh', 'mysql:3306', '-t', '30', '--', '/entrypoint-unit-tests-devDocker.sh']
+    entrypoint: ['/wait-for-it.sh', 'mysql:3306', '-t', '30', '--', '/app/docker/entrypoint-unit-tests-devDocker.sh']
     volumes:
       - '.:/app:z'
     environment:
 
@@ -0,0 +1,37 @@
+---
+version: '3.7'
+services:
+  nginx:
+    build: 
+      context: ./
+      dockerfile: Dockerfile.busybox
+    image: defectdojo/defectdojo-busybox:${NGINX_VERSION:-latest}
+  uwsgi:
+    entrypoint: ['/wait-for-it.sh', 'mysql:3306', '-t', '30', '--', '/app/docker/entrypoint-unit-tests.sh']
+    volumes:
+      - '.:/app:z'
+    environment:
+      DD_DEBUG: 'True'
+      DD_TEST_DATABASE_NAME: ${DD_TEST_DATABASE_NAME:-test_defectdojo}
+      DD_DATABASE_NAME: ${DD_TEST_DATABASE_NAME:-test_defectdojo}
+  celerybeat:
+    environment:
+      DD_DATABASE_URL: ${DD_TEST_DATABASE_URL:-mysql://defectdojo:defectdojo@mysql:3306/test_defectdojo}
+  celeryworker:
+    environment:
+      DD_DATABASE_URL: ${DD_TEST_DATABASE_URL:-mysql://defectdojo:defectdojo@mysql:3306/test_defectdojo}
+  initializer:
+    environment:
+      DD_INITIALIZE: 'false'
+  mysql:
+    ports:
+      - target: 3306
+        published: 3306
+        protocol: tcp
+        mode: host
+    environment:
+      MYSQL_DATABASE: ${DD_TEST_DATABASE_NAME:-test_defectdojo}
+    volumes:
+       - defectdojo_data_unittest:/var/lib/mysql
+volumes:
+  defectdojo_data_unittest: {}
@@ -11,12 +11,12 @@ services:
     environment:
       NGINX_METRICS_ENABLED: ${NGINX_METRICS_ENABLED:-false}
     ports:
-      - target: ${DD_PORT:-8080}
+      - target: 8080
         published: ${DD_PORT:-8080}
         protocol: tcp
         mode: host
-      - target: ${DD_PORT:-8443}
-        published: ${DD_PORT:-8443}
+      - target: 8443
+        published: ${DD_TLS_PORT:-8443}
         protocol: tcp
         mode: host
   uwsgi:
@@ -38,8 +38,6 @@ services:
       DD_CREDENTIAL_AES_256_KEY: ${DD_CREDENTIAL_AES_256_KEY:-&91a*agLqesc*0DJ+2*bAbsUZfR*4nLw}
   celerybeat:
     image: defectdojo/defectdojo-django:latest
-    # needed to run as root, in order to drop privileges on celery. what's worst?
-    user: root
     depends_on:
       - mysql
       - rabbitmq
@@ -77,7 +75,7 @@ services:
       DD_SECRET_KEY: ${DD_SECRET_KEY:-hhZCp@D28z!n@NED*yB!ROMt+WzsY*iq}
       DD_CREDENTIAL_AES_256_KEY: ${DD_CREDENTIAL_AES_256_KEY:-&91a*agLqesc*0DJ+2*bAbsUZfR*4nLw}
   mysql:
-    image: mysql:5.7.29@sha256:8044616c01e46c6bc826d205103a2b650a1679be2f34beab9bbf6c6f642df673
+    image: mysql:5.7.32@sha256:da0936fa5772538548f6fe4e7cb215ad89248cc57e89f1ccc27cb8927ada75de
     environment:
       MYSQL_RANDOM_ROOT_PASSWORD: 'yes'
       DD_DATABASE_URL: ${DD_DATABASE_URL:-mysql://defectdojo:defectdojo@mysql:3306/defectdojo}
@@ -88,6 +86,6 @@ services:
     volumes:
        - defectdojo_data:/var/lib/mysql
   rabbitmq:
-    image: rabbitmq:3.7.26@sha256:be00c655a6d4a1012358a3a51d57e2b33d926b181a65863a568adc103edfdb91
+    image: rabbitmq:3.8.9@sha256:30a52abe6009eea97c89dcd72b9dcf9c2a26563beb4b4d948d595c0415fc8680
 volumes:
   defectdojo_data: {}
@@ -0,0 +1 @@
+Certificates added to this directory will automatically be added to django docker image.
@@ -14,5 +14,4 @@ echo
 exec celery beat \
   --app=dojo \
   --pidfile=/var/run/defectdojo/celery-beat.pid \
-  --schedule=/var/run/defectdojo/celerybeat-schedule \
-  --uid=${appuser}
+  --schedule=/var/run/defectdojo/celerybeat-schedule
@@ -98,7 +98,7 @@ else
     fail $test
 fi
 
-test=echo "User integration tests"
+test="User integration tests"
 echo "Running: $test"
 if python3 tests/User_unit_test.py ; then
     success $test
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+Certificates added to this directory will automatically be added to django docker image.`