update changelog, add changelog menu to header
Paul Osinski committed Dec 23, 2024
1 parent 8facda6 commit 917b4c9
Showing 2 changed files with 31 additions and 0 deletions.
5 changes: 5 additions & 0 deletions docs/config/_default/menus/menus.en.toml
@@ -3,6 +3,11 @@
url = "/en/about_defectdojo/about_docs/"
weight = 10

[[main]]
name = "Changelog"
url = "/en/changelog/changelog/"
weight = 11

[[social]]
name = "X"
pre = '<svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-brand-x" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"></path><path d="M4 4l11.733 16h4.267l-11.733 -16z"></path><path d="M4 20l6.768 -6.768m2.46 -2.46l6.772 -6.772"></path></svg>'
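Review bot: the new [[main]] entry sets weight = 11 directly after the About entry's weight = 10; confirm that no other [[main]] item in this file already uses 11, otherwise the relative order of those two entries is left to Hugo's fallback sort rather than the weight. The url "/en/changelog/changelog/" does line up with the content file docs/content/en/changelog/changelog.md added in this same commit, so the link target itself is consistent.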
26 changes: 26 additions & 0 deletions docs/content/en/changelog/changelog.md
@@ -7,6 +7,32 @@ Here are the release notes for **DefectDojo Pro (Cloud Version)**. These release

For Open Source release notes, please see the [Releases page on GitHub](https://github.com/DefectDojo/django-DefectDojo/releases), or alternatively consult the Open Source [upgrade notes](../../open_source/upgrading/upgrading_guide).

## Dec 24, 2024: v2.41.3

- **(API)** Added option to recalculate hash codes (deduplication / reimport) for a single finding via the API. Sending `recalculate_hash_code = True` on a `PUT` or `PATCH` request to `/findings/{id}` will now recalculate the hash code for that Finding. <span style="background-color:rgba(242, 86, 29, 0.5)">(Pro)</span>
- **(API)** Added `/request_response_pairs` endpoint.
- **(Beta UI)** When sorting by Severity, Findings will now be ordered by **severity level** rather than alphabetically.
- **(Beta UI)** On the Findings table, the Endpoint Hosts column has been replaced with a numerical count of affected Endpoints.
- **(Beta UI)** On the Findings table, the Vulnerability ID field can now be filtered with "starts_with", "ends_with" filters.
- **(Beta UI)** Added Edit Test Type form: you can now edit the properties of a custom Test Type to determine if it is Active or Inactive, or a Static Scan or Dynamic Scan Test.
- **(Beta UI)** Same Tool Deduplication Settings / Test Type field is now searchable.
- **(Tools)** Qualys HackerGuardian now uses hashcode against "title", "severity", "description" for deduplication.
- **(Tools)** Horusec scan now uses hashcode against "title", "description", "file_path", and "line" for deduplication.

##### Why recalculate Hash Codes for a Finding?
By default, DefectDojo assumes that incoming scans will be consistent. For example, if you're reimporting a specific file, a given Finding from Scan #1 will be represented the same as a Finding from Scan #1.1, etc.

DefectDojo allows you to adjust the metadata for the resulting Finding without affecting deduplication - you can add additional endpoints or information to a Finding, even if they are not captured by the scan initially, because DefectDojo remembers how the Finding was initially 'seen' (via Hash Code).

However, if a Finding's **incoming** metadata suddenly changes (for example, the scan reports a changed component name), you may want to recalculate the Hash Code of a given Finding to account for this.

Say you have a Finding with a component named 'ABC' - you've been working with this Finding for a while, and you've made progresss. But on your latest reimport, the scan now calls that component '123'. By default, DefectDojo will not make the connection that this is the same Finding, because the component name has changed (and therefore, so has the Hash Code) This incoming report will therefore create a **new Finding**, which is likely not what you want.

You can handle this situation by taking the following steps:

1. Change the component name on the Finding to match the incoming scan: '123'
2. Re-calculate the Hash Code on this Finding, by sending `recalculate_hash_code = True` on a `PUT` or `PATCH` request to `/findings/{id}`
3. Re-import the scan. The incoming Hash Code should now match the existing Finding's Hash Code, so a duplicate will be correctly identified.

## Dec 16, 2024: v2.41.2
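Review bot: step 3 of the "Why recalculate Hash Codes for a Finding?" walkthrough says "a duplicate will be correctly identified", but the scenario is a reimport, and the outcome the preceding paragraph asks for is that the incoming Finding is matched to the existing one instead of creating a new Finding; suggest "the incoming Finding will now match the existing Finding instead of creating a new one". In the same section: "progresss" should be "progress", the sentence ending "(and therefore, so has the Hash Code)" is missing its period, and "a given Finding from Scan #1 will be represented the same as a Finding from Scan #1.1, etc." would be clearer as "the same Finding is reported the same way in Scan #1, Scan #1.1, and so on". Minor: the request example `recalculate_hash_code = True` reads as a Python literal, while an API client sends a JSON body such as `{"recalculate_hash_code": true}`; and the heading jumps from ## to ##### where the Dec 16 entry directly below uses ##.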
