Merge branch 'dev' of https://github.com/MaibornWolff/SecObserve into stackable

# Conflicts:
#	backend/application/core/migrations/0085_alter_observation_description.py
#	backend/application/import_observations/services/import_observations.py
#	frontend/src/commons/custom_fields/MarkdownEdit.tsx
#	frontend/src/commons/settings/SettingsEdit.tsx
#	frontend/src/core/observations/ObservationList.tsx

Author: dervoeti

.github/workflows/build_push_release.yml

@@ -109,7 +109,7 @@ jobs:
     permissions:
       contents: write
     steps:
-      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version: 24
       -

.github/workflows/check_backend.yml

@@ -98,7 +98,7 @@ jobs:
         with:
           name: coverage-report
       - name: Run SonarQube scan for backend
-        uses: SonarSource/sonarqube-scan-action@299e4b793aaa83bf2aba7c9c14bedbb485688ec4 # v7.1.0
+        uses: SonarSource/sonarqube-scan-action@59db25f34e16620e48ab4bb9e4a5dce155cb5432 # v8
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_BACKEND }}
         with:

.github/workflows/check_frontend.yml

@@ -13,7 +13,7 @@ jobs:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
-      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version: 24
 
@@ -63,7 +63,7 @@ jobs:
           fetch-depth: 0  
       - 
         name: Run SonarQube scan for frontend
-        uses: SonarSource/sonarqube-scan-action@299e4b793aaa83bf2aba7c9c14bedbb485688ec4 # v7.1.0
+        uses: SonarSource/sonarqube-scan-action@59db25f34e16620e48ab4bb9e4a5dce155cb5432 # v8
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_FRONTEND }}
         with:

.github/workflows/generate_sboms.yml

@@ -16,7 +16,7 @@ jobs:
     permissions:
       contents: write
     steps:
-      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version: 24
       -

.github/workflows/scorecard.yml

@@ -64,6 +64,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
+        uses: github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4
         with:
           sarif_file: results.sarif

backend/application/__init__.py

@@ -1,4 +1,4 @@
-__version__ = "1.51.1"
+__version__ = "1.52.0"
 
 import pymysql
 

backend/application/commons/migrations/0022_settings_feature_cross_scanner_deduplication.py

@@ -0,0 +1,18 @@
+# Generated by Django 6.0.4 on 2026-04-27 05:30
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("commons", "0021_settings_observation_count_from_metrics"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="settings",
+            name="feature_cross_scanner_deduplication",
+            field=models.BooleanField(default=False),
+        ),
+    ]

backend/application/commons/models.py

@@ -233,6 +233,8 @@ class Settings(Model, DirtyFieldsMixin):
 
     observation_count_from_metrics = BooleanField(default=False)
 
+    feature_cross_scanner_deduplication = BooleanField(default=False)
+
     def save(self, *args: Any, **kwargs: Any) -> None:
         """
         Save object to the database. Removes all other entries if there

backend/application/core/api/filters.py

@@ -531,6 +531,7 @@ class ComponentFilter(FilterSet):
         fields=(
             ("id", "id"),
             (("product__name", "branch__name", "component_name_version"), "product_name"),
+            (("component_type", "product__name", "branch__name", "component_name_version"), "component_type"),
             (("product__product_group__name", "branch__name", "component_name_version"), "product_group_name"),
             (("branch__name", "product__name", "component_name_version"), "branch_name"),
             (("component_name_version", "product__name", "branch__name"), "component_name_version_type"),
@@ -548,6 +549,7 @@ class Meta:  # pylint: disable=duplicate-code
             "product",
             "branch",
             "component_name_version",
+            "component_type",
             "component_purl_type",
             "origin_service",
             "has_observations",

backend/application/core/migrations/0084_observation_origin_component_type.py

@@ -0,0 +1,36 @@
+# Generated by Django 6.0.4 on 2026-04-17 17:46
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("core", "0083_observation_core_observ_origin__2b1af9_idx"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="observation",
+            name="origin_component_type",
+            field=models.CharField(
+                blank=True,
+                choices=[
+                    ("Application", "Application"),
+                    ("Framework", "Framework"),
+                    ("Library", "Library"),
+                    ("Container", "Container"),
+                    ("Platform", "Platform"),
+                    ("Operating system", "Operating system"),
+                    ("Device", "Device"),
+                    ("Device driver", "Device driver"),
+                    ("Firmware", "Firmware"),
+                    ("File", "File"),
+                    ("Machine learning model", "Machine learning model"),
+                    ("Data", "Data"),
+                    ("Cryptographic asset", "Cryptographic asset"),
+                ],
+                max_length=24,
+            ),
+        ),
+    ]