From 39a3e0c9beb3540b7f31f55eb36f4dbb806167b0 Mon Sep 17 00:00:00 2001 From: DefectDojo release bot Date: Mon, 28 Oct 2024 15:27:32 +0000 Subject: [PATCH 1/3] Update versions in application files --- components/package.json | 2 +- helm/defectdojo/Chart.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/components/package.json b/components/package.json index 4b74883bf0e..06cdce1889b 100644 --- a/components/package.json +++ b/components/package.json @@ -1,6 +1,6 @@ { "name": "defectdojo", - "version": "2.39.3", + "version": "2.40.0-dev", "license" : "BSD-3-Clause", "private": true, "dependencies": { diff --git a/helm/defectdojo/Chart.yaml b/helm/defectdojo/Chart.yaml index cf5789792fc..3f1a22acc9d 100644 --- a/helm/defectdojo/Chart.yaml +++ b/helm/defectdojo/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: "2.39.3" +appVersion: "2.40.0-dev" description: A Helm chart for Kubernetes to install DefectDojo name: defectdojo -version: 1.6.156 +version: 1.6.157-dev icon: https://www.defectdojo.org/img/favicon.ico maintainers: - name: madchap From 9a8fbc4fab64397be0c296e81a42755c3069db7f Mon Sep 17 00:00:00 2001 From: Cody Maffucci <46459665+Maffooch@users.noreply.github.com> Date: Mon, 28 Oct 2024 12:16:03 -0500 Subject: [PATCH 2/3] Import/Reimport: Restore Defaults (#11147) --- dojo/api_v2/serializers.py | 67 ++++++++++++++++++++++++++------------ 1 file changed, 46 insertions(+), 21 deletions(-) diff --git a/dojo/api_v2/serializers.py b/dojo/api_v2/serializers.py index e769b15b98a..56a18265064 100644 --- a/dojo/api_v2/serializers.py +++ b/dojo/api_v2/serializers.py @@ -2065,7 +2065,6 @@ class CommonImportScanSerializer(serializers.Serializer): help_text="Override the verified setting from the tool.", ) - scan_type = serializers.ChoiceField(choices=get_choices_sorted()) # TODO: why do we allow only existing endpoints? endpoint_to_add = serializers.PrimaryKeyRelatedField( queryset=Endpoint.objects.all(), 
@@ -2093,26 +2092,8 @@ class CommonImportScanSerializer(serializers.Serializer): lead = serializers.PrimaryKeyRelatedField( allow_null=True, default=None, queryset=User.objects.all(), ) - tags = TagListSerializerField( - required=False, allow_empty=True, help_text="Add tags that help describe this scan.", - ) - close_old_findings = serializers.BooleanField( - required=False, - default=False, - help_text="Select if old findings no longer present in the report get closed as mitigated when importing. " - "If service has been set, only the findings for this service will be closed.", - ) - close_old_findings_product_scope = serializers.BooleanField( - required=False, - default=False, - help_text="Select if close_old_findings applies to all findings of the same type in the product. " - "By default, it is false meaning that only old findings of the same type in the engagement are in scope.", - ) push_to_jira = serializers.BooleanField(default=False) environment = serializers.CharField(required=False) - version = serializers.CharField( - required=False, help_text="Version that was scanned.", - ) build_id = serializers.CharField( required=False, help_text="ID of the build that was scanned.", ) 
@@ -2281,11 +2262,28 @@ def setup_common_context(self, data: dict) -> dict: class ImportScanSerializer(CommonImportScanSerializer): - + scan_type = serializers.ChoiceField(choices=get_choices_sorted()) engagement = serializers.PrimaryKeyRelatedField( queryset=Engagement.objects.all(), required=False, ) - + tags = TagListSerializerField( + required=False, allow_empty=True, help_text="Add tags that help describe this scan.", + ) + close_old_findings = serializers.BooleanField( + required=False, + default=False, + help_text="Select if old findings no longer present in the report get closed as mitigated when importing. " + "If service has been set, only the findings for this service will be closed.", + ) + close_old_findings_product_scope = serializers.BooleanField( + required=False, + default=False, + help_text="Select if close_old_findings applies to all findings of the same type in the product. " + "By default, it is false meaning that only old findings of the same type in the engagement are in scope.", + ) + version = serializers.CharField( + required=False, help_text="Version that was scanned.", + ) # extra fields populated in response # need to use the _id suffix as without the serializer framework gets # confused 
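Review bot: Nothing in the `ImportScanSerializer` field block says why `scan_type`, `tags`, `close_old_findings`, `close_old_findings_product_scope` and `version` are declared here rather than on `CommonImportScanSerializer`. A later clean-up could hoist them back onto the base class and change the reimport defaults again, which appears to be the regression this commit restores. I would add a comment above `scan_type`, for example `# Declared per serializer, not on CommonImportScanSerializer: import and reimport differ in defaults and help text.` As a smaller style point, `scan_type` is written here without `required=True` while the reimport copy in the last hunk spells it out, and the two declarations should read the same. The class body continues past the end of this hunk.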
@@ -2341,9 +2339,36 @@ class ReImportScanSerializer(TaggitSerializer, CommonImportScanSerializer): do_not_reactivate = serializers.BooleanField( default=False, required=False, help_text=help_do_not_reactivate, ) + scan_type = serializers.ChoiceField( + choices=get_choices_sorted(), required=True, + ) test = serializers.PrimaryKeyRelatedField( required=False, queryset=Test.objects.all(), ) + # Close the old findings if the parameter is not provided. This is to + # maintain the old API behavior after reintroducing the close_old_findings parameter + # also for ReImport. + close_old_findings = serializers.BooleanField( + required=False, + default=True, + help_text="Select if old findings no longer present in the report get closed as mitigated when importing.", + ) + close_old_findings_product_scope = serializers.BooleanField( + required=False, + default=False, + help_text="Select if close_old_findings applies to all findings of the same type in the product. " + "By default, it is false meaning that only old findings of the same type in the engagement are in scope. " + "Note that this only applies on the first call to reimport-scan.", + ) + version = serializers.CharField( + required=False, + help_text="Version that will be set on existing Test object. Leave empty to leave existing value in place.", + ) + tags = TagListSerializerField( + required=False, + allow_empty=True, + help_text="Modify existing tags that help describe this scan. (Existing test tags will be overwritten)", + ) def set_context( self, From a5567597e5e84b3cd0c27f50af51641b7d737566 Mon Sep 17 00:00:00 2001 From: DefectDojo release bot Date: Mon, 28 Oct 2024 18:24:31 +0000 Subject: [PATCH 3/3] Update versions in application files --- components/package.json | 2 +- dojo/__init__.py | 2 +- helm/defectdojo/Chart.yaml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/components/package.json b/components/package.json index 06cdce1889b..805b16ff7cf 100644 --- a/components/package.json 
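Review bot: The reimport `close_old_findings` field defaults to `True`, but its `help_text` does not say so, and the only explanation is a code comment that API clients never see. A client that omits the parameter and uploads a partial or truncated report would have the findings missing from it closed as mitigated, so the default belongs in the schema text: `help_text="Select if old findings no longer present in the report get closed as mitigated when importing. Defaults to true for reimport.",`. The import variant also says that closing is limited to the service when one is set; that sentence is dropped here and should be kept if the restriction still applies on reimport. A serializer test asserting this default would guard against it changing again. `ReImportScanSerializer` starts before this hunk and continues after it.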
+++ b/components/package.json @@ -1,6 +1,6 @@ { "name": "defectdojo", - "version": "2.40.0-dev", + "version": "2.39.4", "license" : "BSD-3-Clause", "private": true, "dependencies": { diff --git a/dojo/__init__.py b/dojo/__init__.py index ee1a414db8f..9572cd89329 100644 --- a/dojo/__init__.py +++ b/dojo/__init__.py @@ -4,6 +4,6 @@ # Django starts so that shared_task will use this app. from .celery import app as celery_app # noqa: F401 -__version__ = "2.39.3" +__version__ = "2.39.4" __url__ = "https://github.com/DefectDojo/django-DefectDojo" __docs__ = "https://documentation.defectdojo.com" diff --git a/helm/defectdojo/Chart.yaml b/helm/defectdojo/Chart.yaml index 3f1a22acc9d..5337b2b7059 100644 --- a/helm/defectdojo/Chart.yaml +++ b/helm/defectdojo/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: "2.40.0-dev" +appVersion: "2.39.4" description: A Helm chart for Kubernetes to install DefectDojo name: defectdojo -version: 1.6.157-dev +version: 1.6.157 icon: https://www.defectdojo.org/img/favicon.ico maintainers: - name: madchap