stackabletech
diff --git a/‎.github/workflows/build_push_dev.yml‎
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/build_push_dev.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/build_push_release.yml‎
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/build_push_release.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/release_helm_chart.yaml‎
Lines changed: 8 additions & 3 deletions b/‎.github/workflows/release_helm_chart.yaml‎
Lines changed: 8 additions & 3 deletions
diff --git a/‎.github/workflows/scorecard.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/scorecard.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎backend/application/__init__.py‎
Lines changed: 1 addition & 1 deletion b/‎backend/application/__init__.py‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎backend/application/core/api/views.py‎
Lines changed: 2 additions & 3 deletions b/‎backend/application/core/api/views.py‎
Lines changed: 2 additions & 3 deletions
diff --git a/‎backend/application/core/migrations/0076_alter_product_notification_ms_teams_webhook_and_more.py‎
Lines changed: 23 additions & 0 deletions b/‎backend/application/core/migrations/0076_alter_product_notification_ms_teams_webhook_and_more.py‎
Lines changed: 23 additions & 0 deletions
diff --git a/‎backend/application/core/models.py‎
Lines changed: 2 additions & 2 deletions b/‎backend/application/core/models.py‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎backend/application/core/services/observations_bulk_actions.py‎
Lines changed: 1 addition & 7 deletions b/‎backend/application/core/services/observations_bulk_actions.py‎
Lines changed: 1 addition & 7 deletions
diff --git a/‎backend/application/core/signals.py‎
Lines changed: 11 additions & 0 deletions b/‎backend/application/core/signals.py‎
Lines changed: 11 additions & 0 deletions
@@ -42,7 +42,7 @@ jobs:
       -
         name: Build and push backend
         id: build-and-push-backend
-        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
+        uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
         with:
           context: .
           file: ./docker/backend/prod/django/Dockerfile
@@ -89,7 +89,7 @@ jobs:
       -
         name: Build and push frontend
         id: build-and-push-frontend
-        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
+        uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
         with:
           context: .
           file: ./docker/frontend/prod/Dockerfile
 
@@ -42,7 +42,7 @@ jobs:
         run: echo "CREATED=$(date +'%Y-%m-%dT%H:%M:%S')" >> $GITHUB_ENV
       -
         name: Build and push backend
-        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
+        uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
         with:
           context: .
           file: ./docker/backend/prod/django/Dockerfile
@@ -87,7 +87,7 @@ jobs:
         run: echo "CREATED=$(date +'%Y-%m-%dT%H:%M:%S')" >> $GITHUB_ENV
       -
         name: Build and push frontend
-        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
+        uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
         with:
           context: .
           file: ./docker/frontend/prod/Dockerfile
 
@@ -1,17 +1,20 @@
 name: Publish released chart
 
 on:
+  workflow_dispatch:
   push:
     branches:
       - main
     paths:
       - charts/**
 
+permissions: read-all
+
 jobs:
   release:
     runs-on: ubuntu-latest
     permissions:
-      contents: write
+      contents: read
       packages: write
 
     steps:
@@ -25,10 +28,12 @@ jobs:
           git config user.name "${{ github.actor }}"
           git config user.email "${{ github.actor}}@users.noreply.github.com"
 
+      - name: downcase repo owner for image
+        run: echo "REPO_OWNER=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV
       - name: Run chart-releaser
-        uses: bitdeps/helm-oci-charts-releaser@v0.1.5
+        uses: bitdeps/helm-oci-charts-releaser@caedceea2a5ab997c7e5469a999811dbb3d5b070 # v0.1.5
         with:
-          oci_registry: ghcr.io/${{ github.repository_owner }}/charts
+          oci_registry: ghcr.io/${{ env.REPO_OWNER }}/charts
           oci_username: ${{ github.actor}}
           oci_password: ${{ secrets.GITHUB_TOKEN }}
           github_token: ${{ secrets.GITHUB_TOKEN }}
@@ -67,6 +67,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1
+        uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2
         with:
           sarif_file: results.sarif
@@ -1,4 +1,4 @@
-__version__ = "1.47.2"
+__version__ = "1.48.0"
 
 import pymysql
 
 
@@ -153,7 +153,6 @@
 from application.core.services.security_gate import check_security_gate
 from application.core.types import Assessment_Status, Status
 from application.issue_tracker.services.issue_tracker import (
-    push_deleted_observation_to_issue_tracker,
     push_observations_to_issue_tracker,
 )
 from application.licenses.api.serializers import LicenseComponentBulkDeleteSerializer
@@ -558,13 +557,13 @@ def filter_queryset(self, queryset: QuerySet) -> QuerySet:
 
     def perform_destroy(self, instance: Observation) -> None:
         product = instance.product
-        issue_id = instance.issue_tracker_issue_id
+
         super().perform_destroy(instance)
         if (instance.branch and instance.branch.is_default_branch) or (
             not instance.branch and not instance.product.repository_default_branch
         ):
             check_security_gate(product)
-        push_deleted_observation_to_issue_tracker(product, issue_id, get_current_user())
+
         product.last_observation_change = timezone.now()
         product.save()
 
 
@@ -0,0 +1,23 @@
+# Generated by Django 5.2.11 on 2026-02-04 18:26
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("core", "0075_observation_initialize_fix_and_upgrade"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="product",
+            name="notification_ms_teams_webhook",
+            field=models.TextField(blank=True, max_length=2048),
+        ),
+        migrations.AlterField(
+            model_name="product",
+            name="notification_slack_webhook",
+            field=models.TextField(blank=True, max_length=2048),
+        ),
+    ]
@@ -83,8 +83,8 @@ class Product(Model, DirtyFieldsMixin):  # pylint: disable=too-many-instance-att
 
     apply_general_rules = BooleanField(default=True)
 
-    notification_ms_teams_webhook = CharField(max_length=255, blank=True)
-    notification_slack_webhook = CharField(max_length=255, blank=True)
+    notification_ms_teams_webhook = TextField(max_length=2048, blank=True)
+    notification_slack_webhook = TextField(max_length=2048, blank=True)
     notification_email_to = CharField(max_length=255, blank=True)
 
     issue_tracker_active = BooleanField(default=False)
 
@@ -22,9 +22,6 @@
 )
 from application.core.services.security_gate import check_security_gate
 from application.core.types import Assessment_Status, Status
-from application.issue_tracker.services.issue_tracker import (
-    push_deleted_observation_to_issue_tracker,
-)
 
 
 def observations_bulk_assessment(  # pylint: disable=too-many-arguments
@@ -59,9 +56,6 @@ def observations_bulk_delete(product: Product, observation_ids: list[int]) -> No
 
     observations.delete()
 
-    for issue_id in issue_ids:
-        push_deleted_observation_to_issue_tracker(product, issue_id, get_current_user())
-
     check_security_gate(product)
     product.last_observation_change = timezone.now()
     product.save()
@@ -155,7 +149,7 @@ def _check_observation_logs(product: Optional[Product], observation_log_ids: lis
         else:
             if not user_has_permission(observation_log, Permissions.Observation_Log_Approval):
                 raise ValidationError(f"First observation log without approval permission: {observation_log.pk}")
-            if not observation_log.assessment_status == Assessment_Status.ASSESSMENT_STATUS_NEEDS_APPROVAL:
+            if observation_log.assessment_status != Assessment_Status.ASSESSMENT_STATUS_NEEDS_APPROVAL:
                 raise ValidationError(f"First observation log that does not need approval: {observation_log.pk}")
             if get_current_user() == observation_log.user:
                 raise ValidationError(
 
@@ -17,6 +17,9 @@
     set_product_flags,
 )
 from application.core.services.security_gate import check_security_gate
+from application.issue_tracker.services.issue_tracker import (
+    push_deleted_observation_to_issue_tracker,
+)
 
 logger = logging.getLogger("secobserve.core")
 
@@ -29,6 +32,14 @@ def observation_pre_save(sender: Any, instance: Observation, **kwargs: Any) -> N
     set_product_flags(instance)
 
 
+@receiver(post_delete, sender=Observation)
+def observation_post_delete(
+    sender: Any, instance: Observation, **kwargs: Any  # pylint: disable=unused-argument
+) -> None:
+    # sender is needed according to Django documentation
+    push_deleted_observation_to_issue_tracker(instance.product, instance.issue_tracker_issue_id, get_current_user())
+
+
 @receiver(post_delete, sender=Product)
 def product_post_delete(sender: Any, instance: Product, **kwargs: Any) -> None:  # pylint: disable=unused-argument
     # sender is needed according to Django documentation
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-__version__ = "1.47.2"`
	`1`	`+__version__ = "1.48.0"`
`2`	`2`
`3`	`3`	`import pymysql`
`4`	`4`