Merge branch 'dev' into add_scm_type
dmarushkin authored Oct 12, 2024
2 parents 7018894 + 0bc4879 commit 1381f97
Showing 60 changed files with 329 additions and 269 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/k8s-tests.yml
Expand Up @@ -35,7 +35,7 @@ jobs:
uses: actions/checkout@v4

- name: Setup Minikube
uses: manusa/actions-setup-minikube@v2.12.0
uses: manusa/actions-setup-minikube@v2.13.0
with:
minikube version: 'v1.33.1'
kubernetes version: ${{ matrix.k8s }}
2 changes: 1 addition & 1 deletion Dockerfile.nginx-alpine
Expand Up @@ -140,7 +140,7 @@ COPY manage.py ./
COPY dojo/ ./dojo/
RUN env DD_SECRET_KEY='.' python3 manage.py collectstatic --noinput && true

FROM nginx:1.27.0-alpine@sha256:208b70eefac13ee9be00e486f79c695b15cef861c680527171a27d253d834be9
FROM nginx:1.27.2-alpine@sha256:2140dad235c130ac861018a4e13a6bc8aea3a35f3a40e20c1b060d51a7efd250
ARG uid=1001
ARG appuser=defectdojo
COPY --from=collectstatic /app/static/ /usr/share/nginx/html/static/
2 changes: 1 addition & 1 deletion Dockerfile.nginx-debian
Expand Up @@ -73,7 +73,7 @@ COPY dojo/ ./dojo/

RUN env DD_SECRET_KEY='.' python3 manage.py collectstatic --noinput && true

FROM nginx:1.27.0-alpine@sha256:208b70eefac13ee9be00e486f79c695b15cef861c680527171a27d253d834be9
FROM nginx:1.27.2-alpine@sha256:2140dad235c130ac861018a4e13a6bc8aea3a35f3a40e20c1b060d51a7efd250
ARG uid=1001
ARG appuser=defectdojo
COPY --from=collectstatic /app/static/ /usr/share/nginx/html/static/
4 changes: 2 additions & 2 deletions components/package.json
@@ -1,6 +1,6 @@
{
"name": "defectdojo",
"version": "2.39.0",
"version": "2.40.0-dev",
"license" : "BSD-3-Clause",
"private": true,
"dependencies": {
Expand Down Expand Up @@ -35,7 +35,7 @@
"metismenu": "~3.0.7",
"moment": "^2.30.1",
"morris.js": "morrisjs/morris.js",
"pdfmake": "^0.2.13",
"pdfmake": "^0.2.14",
"startbootstrap-sb-admin-2": "1.0.7"
},
"engines": {
8 changes: 4 additions & 4 deletions components/yarn.lock
Expand Up @@ -824,10 +824,10 @@ path-parse@^1.0.7:
resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735"
integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==

pdfmake@^0.2.13:
version "0.2.13"
resolved "https://registry.yarnpkg.com/pdfmake/-/pdfmake-0.2.13.tgz#ea43fe9f0c8de1e5ec7b08486d6f4f8bbb8619e4"
integrity sha512-qeVE9Bzjm0oPCitH4/HYM/XCGTwoeOAOVAXPnV3s0kpPvTLkTF/bAF4jzorjkaIhXGQhzYk6Xclt0hMDYLY93w==
pdfmake@^0.2.14:
version "0.2.14"
resolved "https://registry.yarnpkg.com/pdfmake/-/pdfmake-0.2.14.tgz#a257a393b54917218add829bff8e490be21e8077"
integrity sha512-x9gXFAY37/CAC/WaZB/683E4Pi0cVW/RMTTNxMpe4I2kRsKv8AE3Pz6+n7iTfn+84/GtSg99BjZkYh7oGFCKmg==
dependencies:
"@foliojs-fork/linebreak" "^1.1.1"
"@foliojs-fork/pdfkit" "^0.14.0"
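--- a/docs/content/en/getting_started/upgrading/2.40.md
+++ b/docs/content/en/getting_started/upgrading/2.40.md
@@ -0,0 +1,7 @@
+---
+title: 'Upgrading to DefectDojo Version 2.40.x'
+toc_hide: true
+weight: -20241007
+description: No special instructions.
+---
+There are no special instructions for upgrading to 2.40.x. Check the [Release Notes](https://github.com/DefectDojo/django-DefectDojo/releases/tag/2.40.0) for the contents of the release.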
2 changes: 1 addition & 1 deletion dojo/__init__.py
Expand Up @@ -4,6 +4,6 @@
# Django starts so that shared_task will use this app.
from .celery import app as celery_app # noqa: F401

__version__ = "2.39.0"
__version__ = "2.40.0-dev"
__url__ = "https://github.com/DefectDojo/django-DefectDojo"
__docs__ = "https://documentation.defectdojo.com"
5 changes: 2 additions & 3 deletions dojo/api_v2/serializers.py
Expand Up @@ -3,7 +3,6 @@
import os
import re
from datetime import datetime
from typing import List

import six
import tagulous
Expand Down Expand Up @@ -1517,7 +1516,7 @@ def get_engagement(self, obj):
)

def validate(self, data):
def validate_findings_have_same_engagement(finding_objects: List[Finding]):
def validate_findings_have_same_engagement(finding_objects: list[Finding]):
engagements = finding_objects.values_list("test__engagement__id", flat=True).distinct().count()
if engagements > 1:
msg = "You are not permitted to add findings from multiple engagements"
Expand Down Expand Up @@ -2043,7 +2042,7 @@ def get_findings_count(self, obj) -> int:
return obj.findings_count

# TODO: maybe extend_schema_field is needed here?
def get_findings_list(self, obj) -> List[int]:
def get_findings_list(self, obj) -> list[int]:
return obj.open_findings_list


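Review bot: The hint on `validate_findings_have_same_engagement` now reads `list[Finding]`, but the very next line calls `finding_objects.values_list(...).distinct().count()`, which a plain list does not have, so the argument has to be a queryset. Since this commit is already rewriting the hint, I'd make it `finding_objects: QuerySet[Finding]`, assuming `QuerySet` is or can be imported in this module (the import block is only partly visible). This helper is the check that refuses findings from more than one engagement, and a hint that invites passing a list would make it fail with `AttributeError` instead of the intended validation error. The enclosing `validate` continues past the hunk.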
2 changes: 1 addition & 1 deletion dojo/apps.py
Expand Up @@ -98,5 +98,5 @@ def get_model_fields(default_fields, extra_fields=()):
def get_model_default_fields(model):
return tuple(
field.name for field in model._meta.fields if
isinstance(field, (models.CharField, models.TextField))
isinstance(field, models.CharField | models.TextField)
)
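Review bot: In `get_model_default_fields`, `isinstance(field, models.CharField | models.TextField)` evaluates the `|` and builds a fresh union object for every field the generator visits, and it raises `TypeError` on interpreters older than 3.10; the tuple it replaces did neither. Other hunks in this commit already rely on `X | Y` hints, so 3.10 is presumably the floor, but nothing is gained at runtime here. I would keep `isinstance(field, (models.CharField, models.TextField))` and, if a lint rule prompted the rewrite, exempt this line from it.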
30 changes: 14 additions & 16 deletions dojo/engagement/views.py
Expand Up @@ -7,7 +7,6 @@
from functools import reduce
from tempfile import NamedTemporaryFile
from time import strftime
from typing import List, Optional, Tuple

from django.conf import settings
from django.contrib import messages
Expand Down Expand Up @@ -427,7 +426,7 @@ def get_risks_accepted(self, eng):
def get_filtered_tests(
self,
request: HttpRequest,
queryset: List[Test],
queryset: list[Test],
engagement: Engagement,
):
filter_string_matching = get_system_setting("filter_string_matching", False)
Expand Down Expand Up @@ -710,9 +709,9 @@ def get_development_environment(
def get_engagement_or_product(
self,
user: Dojo_User,
engagement_id: Optional[int] = None,
product_id: Optional[int] = None,
) -> Tuple[Engagement, Product, Product | Engagement]:
engagement_id: int | None = None,
product_id: int | None = None,
) -> tuple[Engagement, Product, Product | Engagement]:
"""Using the path parameters, either fetch the product or engagement"""
engagement = product = engagement_or_product = None
# Get the product if supplied
Expand Down Expand Up @@ -769,7 +768,7 @@ def get_jira_form(
self,
request: HttpRequest,
engagement_or_product: Engagement | Product,
) -> Tuple[JIRAImportScanForm | None, bool]:
) -> tuple[JIRAImportScanForm | None, bool]:
"""Returns a JiraImportScanForm if jira is enabled"""
jira_form = None
push_all_jira_issues = False
Expand All @@ -794,7 +793,7 @@ def get_product_tab(
self,
product: Product,
engagement: Engagement,
) -> Tuple[Product_Tab, dict]:
) -> tuple[Product_Tab, dict]:
"""
Determine how the product tab will be rendered, and what tab will be selected
as currently active
Expand All @@ -811,9 +810,9 @@ def get_product_tab(
def handle_request(
self,
request: HttpRequest,
engagement_id: Optional[int] = None,
product_id: Optional[int] = None,
) -> Tuple[HttpRequest, dict]:
engagement_id: int | None = None,
product_id: int | None = None,
) -> tuple[HttpRequest, dict]:
"""
Process the common behaviors between request types, and then return
the request and context dict back to be rendered
Expand Down Expand Up @@ -1046,8 +1045,8 @@ def failure_redirect(
def get(
self,
request: HttpRequest,
engagement_id: Optional[int] = None,
product_id: Optional[int] = None,
engagement_id: int | None = None,
product_id: int | None = None,
) -> HttpResponse:
"""Process GET requests for the Import View"""
# process the request and path parameters
Expand All @@ -1062,8 +1061,8 @@ def get(
def post(
self,
request: HttpRequest,
engagement_id: Optional[int] = None,
product_id: Optional[int] = None,
engagement_id: int | None = None,
product_id: int | None = None,
) -> HttpResponse:
"""Process POST requests for the Import View"""
# process the request and path parameters
Expand Down Expand Up @@ -1555,8 +1554,7 @@ def get_engagements(request):
if not url:
msg = "Please use the export button when exporting engagements"
raise ValidationError(msg)
if url.startswith("url="):
url = url[4:]
url = url.removeprefix("url=")

path_items = list(filter(None, re.split(r"/|\?", url)))

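Review bot: The return hint on `get_engagement_or_product`, now `tuple[Engagement, Product, Product | Engagement]`, does not admit `None`, yet the first statement of the body is `engagement = product = engagement_or_product = None` and the docstring says only one of the two is fetched. If either can still be `None` at the return (the rest of the body is outside the hunk), the hint should read `tuple[Engagement | None, Product | None, Product | Engagement]` so a type checker flags callers that use the missing object. The same question applies to `queryset: list[Test]` in `get_filtered_tests`, if what is passed there is really a queryset.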
23 changes: 11 additions & 12 deletions dojo/finding/views.py
Expand Up @@ -7,7 +7,6 @@
import mimetypes
from collections import OrderedDict, defaultdict
from itertools import chain
from typing import Optional

from django.conf import settings
from django.contrib import messages
Expand Down Expand Up @@ -265,9 +264,9 @@ class BaseListFindings:
def __init__(
self,
filter_name: str = "All",
product_id: Optional[int] = None,
engagement_id: Optional[int] = None,
test_id: Optional[int] = None,
product_id: int | None = None,
engagement_id: int | None = None,
test_id: int | None = None,
order_by: str = "numerical_severity",
prefetch_type: str = "all",
):
Expand Down Expand Up @@ -420,7 +419,7 @@ def add_breadcrumbs(self, request: HttpRequest, context: dict):

return request, context

def get(self, request: HttpRequest, product_id: Optional[int] = None, engagement_id: Optional[int] = None):
def get(self, request: HttpRequest, product_id: int | None = None, engagement_id: int | None = None):
# Store the product and engagement ids
self.product_id = product_id
self.engagement_id = engagement_id
Expand All @@ -446,43 +445,43 @@ def get(self, request: HttpRequest, product_id: Optional[int] = None, engagement


class ListOpenFindings(ListFindings):
def get(self, request: HttpRequest, product_id: Optional[int] = None, engagement_id: Optional[int] = None):
def get(self, request: HttpRequest, product_id: int | None = None, engagement_id: int | None = None):
self.filter_name = "Open"
return super().get(request, product_id=product_id, engagement_id=engagement_id)


class ListVerifiedFindings(ListFindings):
def get(self, request: HttpRequest, product_id: Optional[int] = None, engagement_id: Optional[int] = None):
def get(self, request: HttpRequest, product_id: int | None = None, engagement_id: int | None = None):
self.filter_name = "Verified"
return super().get(request, product_id=product_id, engagement_id=engagement_id)


class ListOutOfScopeFindings(ListFindings):
def get(self, request: HttpRequest, product_id: Optional[int] = None, engagement_id: Optional[int] = None):
def get(self, request: HttpRequest, product_id: int | None = None, engagement_id: int | None = None):
self.filter_name = "Out of Scope"
return super().get(request, product_id=product_id, engagement_id=engagement_id)


class ListFalsePositiveFindings(ListFindings):
def get(self, request: HttpRequest, product_id: Optional[int] = None, engagement_id: Optional[int] = None):
def get(self, request: HttpRequest, product_id: int | None = None, engagement_id: int | None = None):
self.filter_name = "False Positive"
return super().get(request, product_id=product_id, engagement_id=engagement_id)


class ListInactiveFindings(ListFindings):
def get(self, request: HttpRequest, product_id: Optional[int] = None, engagement_id: Optional[int] = None):
def get(self, request: HttpRequest, product_id: int | None = None, engagement_id: int | None = None):
self.filter_name = "Inactive"
return super().get(request, product_id=product_id, engagement_id=engagement_id)


class ListAcceptedFindings(ListFindings):
def get(self, request: HttpRequest, product_id: Optional[int] = None, engagement_id: Optional[int] = None):
def get(self, request: HttpRequest, product_id: int | None = None, engagement_id: int | None = None):
self.filter_name = "Accepted"
return super().get(request, product_id=product_id, engagement_id=engagement_id)


class ListClosedFindings(ListFindings):
def get(self, request: HttpRequest, product_id: Optional[int] = None, engagement_id: Optional[int] = None):
def get(self, request: HttpRequest, product_id: int | None = None, engagement_id: int | None = None):
self.filter_name = "Closed"
self.order_by = "-mitigated"
return super().get(request, product_id=product_id, engagement_id=engagement_id)
3 changes: 1 addition & 2 deletions dojo/finding_group/views.py
Expand Up @@ -74,8 +74,7 @@ def view_finding_group(request, fgid):
if jira_issue:
# See if the submitted issue was a issue key or the full URL
jira_instance = jira_helper.get_jira_project(finding_group).jira_instance
if jira_issue.startswith(jira_instance.url + "/browse/"):
jira_issue = jira_issue[len(jira_instance.url + "/browse/"):]
jira_issue = jira_issue.removeprefix(jira_instance.url + "/browse/")

if finding_group.has_jira_issue and not jira_issue == jira_helper.get_jira_key(finding_group):
jira_helper.unlink_jira(request, finding_group)
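Review bot: `jira_issue.removeprefix(jira_instance.url + "/browse/")` in `view_finding_group` strips only an exact match, so a configured instance URL that ends in `/`, or a submitted link that points at a different host, leaves the whole string in `jira_issue`, exactly as the old `startswith` code did. I'd build the prefix as `jira_instance.url.rstrip("/") + "/browse/"` and reject a value that still contains `/` before it is compared with `jira_helper.get_jira_key(finding_group)`. `jira_helper.get_jira_project(finding_group)` is also dereferenced without a `None` check; whether it can return `None` is not visible here. The function starts and ends outside the hunk.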
5 changes: 1 addition & 4 deletions dojo/forms.py
Expand Up @@ -2382,10 +2382,7 @@ def get_jira_issue_template_dir_choices():
# template_list.append((os.path.join(base_dir, filename), filename))

for dirname in dirnames:
if base_dir.startswith(settings.TEMPLATE_DIR_PREFIX):
clean_base_dir = base_dir[len(settings.TEMPLATE_DIR_PREFIX):]
else:
clean_base_dir = base_dir
clean_base_dir = base_dir.removeprefix(settings.TEMPLATE_DIR_PREFIX)
template_dir_list.append((os.path.join(clean_base_dir, dirname), dirname))

logger.debug("templates: %s", template_dir_list)
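Review bot: `clean_base_dir = base_dir.removeprefix(settings.TEMPLATE_DIR_PREFIX)` is recomputed for every `dirname` although neither operand changes inside the `for dirname in dirnames:` loop, so it can move to just above the loop. A plain string prefix also matches a sibling directory whose name merely begins with the prefix; if `TEMPLATE_DIR_PREFIX` is not guaranteed to end in a path separator, I'd normalise the setting so the match falls on a path boundary. The loop that supplies `base_dir` and the start of `get_jira_issue_template_dir_choices` are outside the hunk.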
3 changes: 1 addition & 2 deletions dojo/home/views.py
@@ -1,6 +1,5 @@
from collections import defaultdict
from datetime import timedelta
from typing import Dict

from dateutil.relativedelta import relativedelta
from django.db.models import Count, Q
Expand Down Expand Up @@ -75,7 +74,7 @@ def support(request: HttpRequest) -> HttpResponse:
return render(request, "dojo/support.html", {})


def get_severities_all(findings) -> Dict[str, int]:
def get_severities_all(findings) -> dict[str, int]:
severities_all = findings.values("severity").annotate(count=Count("severity")).order_by()
return defaultdict(lambda: 0, {s["severity"]: s["count"] for s in severities_all})

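Review bot: `get_severities_all` is annotated `-> dict[str, int]` but returns a `defaultdict` whose factory is `lambda: 0`, so reading a severity that is absent returns 0 and inserts the key, and the hint hides that from callers. I'd annotate it as `-> defaultdict[str, int]`, write the factory as `defaultdict(int, ...)`, and add a docstring such as `"""Return finding counts keyed by severity; missing severities read as 0."""`.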
16 changes: 8 additions & 8 deletions dojo/importers/auto_create_context.py
@@ -1,6 +1,6 @@
import logging
from datetime import datetime, timedelta
from typing import Any, Optional
from typing import Any

from crum import get_current_user
from django.db import transaction
Expand Down Expand Up @@ -116,7 +116,7 @@ def process_import_meta_data_from_dict(
"""
def get_target_product_type_if_exists(
self,
product_type_name: Optional[str] = None,
product_type_name: str | None = None,
**kwargs: dict,
) -> Product_Type | None:
"""
Expand All @@ -131,8 +131,8 @@ def get_target_product_type_if_exists(

def get_target_product_if_exists(
self,
product_name: Optional[str] = None,
product_type_name: Optional[str] = None,
product_name: str | None = None,
product_type_name: str | None = None,
**kwargs: dict,
) -> Product | None:
"""
Expand Down Expand Up @@ -171,7 +171,7 @@ def get_target_product_by_id_if_exists(
def get_target_engagement_if_exists(
self,
engagement_id: int = 0,
engagement_name: Optional[str] = None,
engagement_name: str | None = None,
product: Product = None,
**kwargs: dict,
) -> Engagement | None:
Expand All @@ -194,8 +194,8 @@ def get_target_engagement_if_exists(
def get_target_test_if_exists(
self,
test_id: int = 0,
test_title: Optional[str] = None,
scan_type: Optional[str] = None,
test_title: str | None = None,
scan_type: str | None = None,
engagement: Engagement = None,
**kwargs: dict,
) -> Test | None:
Expand Down Expand Up @@ -223,7 +223,7 @@ def get_target_test_if_exists(
"""
def get_or_create_product_type(
self,
product_type_name: Optional[str] = None,
product_type_name: str | None = None,
**kwargs: dict,
) -> Product_Type:
"""
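Review bot: The conversion stops at the `Optional[...]` spellings: `product: Product = None` in `get_target_engagement_if_exists` and `engagement: Engagement = None` in `get_target_test_if_exists` still default to `None` under a hint that does not allow it. For consistency with the rest of this change they should read `product: Product | None = None` and `engagement: Engagement | None = None`. The bodies of both methods are outside the hunks shown, so whether they guard against `None` before use cannot be checked from here.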