Merge branch 'develop' into prepare-nb40

.github/workflows/push.yml

@@ -10,6 +10,10 @@ on:
     branches-ignore:
       - release
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
 jobs:
   lint:
     runs-on: ubuntu-latest
@@ -24,15 +28,17 @@ jobs:
         with:
           python-version: '3.9'
       - name: Lint Code Base
-        uses: github/super-linter@v5
+        uses: github/super-linter@v6
         env:
           DEFAULT_BRANCH: develop
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SUPPRESS_POSSUM: true
           LINTER_RULES_PATH: /
           VALIDATE_ALL_CODEBASE: false
+          VALIDATE_CHECKOV: false
           VALIDATE_DOCKERFILE: false
           VALIDATE_GITLEAKS: false
+          VALIDATE_JSCPD: false
           FILTER_REGEX_EXCLUDE: (.*/)?(LICENSE|configuration/.*)
           EDITORCONFIG_FILE_NAME: .ecrc
           DOCKERFILE_HADOLINT_FILE_NAME: .hadolint.yaml

configuration/configuration.py

@@ -312,6 +312,23 @@ CSRF_TRUSTED_ORIGINS = _environ_get_and_map('CSRF_TRUSTED_ORIGINS', '', _AS_LIST
 # The name to use for the session cookie.
 SESSION_COOKIE_NAME = environ.get('SESSION_COOKIE_NAME', 'sessionid')
 
+# If true, the `includeSubDomains` directive will be included in the HTTP Strict Transport Security (HSTS) header.
+# This directive instructs the browser to apply the HSTS policy to all subdomains of the current domain.
+SECURE_HSTS_INCLUDE_SUBDOMAINS = _environ_get_and_map('SECURE_HSTS_INCLUDE_SUBDOMAINS', 'False', _AS_BOOL)
+
+# If true, the `preload` directive will be included in the HTTP Strict Transport Security (HSTS) header.
+# This directive instructs the browser to preload the site in HTTPS. Browsers that use the HSTS preload list will force the
+# site to be accessed via HTTPS even if the user types HTTP in the address bar.
+SECURE_HSTS_PRELOAD = _environ_get_and_map('SECURE_HSTS_PRELOAD', 'False', _AS_BOOL)
+
+# If set to a non-zero integer value, the SecurityMiddleware sets the HTTP Strict Transport Security (HSTS) header on all
+# responses that do not already have it. This will instruct the browser that the website must be accessed via HTTPS,
+# blocking any HTTP request.
+SECURE_HSTS_SECONDS = _environ_get_and_map('SECURE_HSTS_SECONDS', 0, _AS_INT)
+
+# If true, all non-HTTPS requests will be automatically redirected to use HTTPS.
+SECURE_SSL_REDIRECT = _environ_get_and_map('SECURE_SSL_REDIRECT', 'False', _AS_BOOL)
+
 # By default, NetBox will store session data in the database. Alternatively, a file path can be specified here to use
 # local file storage instead. (This can be useful for enabling authentication on a standby instance with read-only
 # database access.) Note that the user as which NetBox runs must have read and write permissions to this path.

requirements-container.txt

@@ -1,5 +1,5 @@
 django-auth-ldap==4.8.0
 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2
-dulwich==0.21.7
+dulwich==0.22.1
 python3-saml==1.16.0 --no-binary lxml
-sentry-sdk==1.45.0
+sentry-sdk==2.0.1