Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[docs] add reo to script header #11396

Merged
merged 2 commits into from
Dec 9, 2024
Merged

[docs] add reo to script header #11396

merged 2 commits into from
Dec 9, 2024

Conversation

paulOsinski
Copy link
Contributor

Adds REO snippet to documentation.

@github-actions github-actions bot added the docs label Dec 9, 2024
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Dec 9, 2024
edited
Loading

DryRun Security Summary

The pull request integrates the Reo JavaScript library into the application's script header, requiring careful review of its security, compliance, and potential risks.

Expand for full summary

Summary:

The code changes in this pull request introduce the integration of the Reo JavaScript library into the application's script-header.html file. This library is loaded asynchronously and initialized with a specific client ID. While the integration of third-party libraries is a common practice in web development, it's important to review the security and compliance aspects of the Reo library to ensure that it does not introduce any vulnerabilities or risks to the application.

Key considerations include reviewing the security history and known vulnerabilities of the Reo library, verifying that the application's Content Security Policy (CSP) is configured to allow the loading of the library, ensuring that any user-provided data passed to the library is properly validated and sanitized, and reviewing the library's data collection and usage practices to ensure compliance with relevant data privacy regulations.

Files Changed:

  • docs/layouts/partials/head/script-header.html: This file has been updated to include a new script block that loads and initializes the Reo JavaScript library. The script is loaded asynchronously, and the Reo.init() function is called with a client ID of "a92cfcfa51eca96".

Code Analysis

We ran 9 analyzers against 1 file and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

mtesauro
mtesauro approved these changes Dec 9, 2024
View reviewed changes
Copy link
Contributor

@mtesauro mtesauro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved

@Maffooch Maffooch merged commit ca6628d into DefectDojo:master Dec 9, 2024
72 of 73 checks passed
@paulOsinski paulOsinski deleted the reo-js branch January 14, 2025 19:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Maffooch Maffooch Maffooch approved these changes

@mtesauro mtesauro mtesauro approved these changes

@cneill cneill cneill approved these changes

@grendel513 grendel513 grendel513 approved these changes

Assignees
No one assigned
Labels
docs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@paulOsinski @grendel513 @cneill @mtesauro @Maffooch