fix(doc): Breaking Change for HELM deployments with PostgreSQL #10524
Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.
Note 🟢 Risk threshold not exceeded.

Change Summary

The following is a summary of changes in this pull request made by me, your security buddy 🤖. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective.

Summary: The code changes in this Pull Request address a breaking change in the HELM deployment of the DefectDojo application, which requires upgrading the PostgreSQL version from 11.x to 12.x or higher. This change is necessary because the previous version of PostgreSQL is incompatible with the Django version 4.2 used in DefectDojo version 3.36.0 and onwards.

In addition to the PostgreSQL version upgrade, the changes also highlight the need for a manual migration process, as PostgreSQL does not support automatic migration of data structures in the filesystem. The provided documentation includes links to various resources that can help with the migration process, such as discussions, Slack conversations, and a blog post.

From an application security perspective, this change is important because it ensures the DefectDojo application is compatible with the latest version of Django, which may include security fixes and improvements. However, the manual migration process may introduce potential security risks if not handled properly. It is crucial to follow the recommended migration steps and ensure the integrity and security of the data during the upgrade process.

Files Changed:
Powered by DryRun Security
@cneill, @mtesauro, @hblankenship, @Maffooch, may I ask for review and acceptance before the release of |
Approved
As #10507 is accepted and merged, it would be good to add upgrade instructions to users.