#11210 prowler_v4.py Prowler v4.5.0 changed the 'event_time' key in finding with 'time_dt' #11211

Closed
wants to merge 13 commits into from

Conversation

ivan-morhun
Contributor

⚠️ Note on feature completeness ⚠️

We are narrowing the scope of acceptable enhancements to DefectDojo in preparation for v3. Learn more here:
https://github.com/DefectDojo/django-DefectDojo/blob/master/readme-docs/CONTRIBUTING.md

Description

Describe the feature / bug fix implemented by this PR.
If this is a new parser, the parser guide may be worth (re)reading.

Test results

Ideally you extend the test suite in tests/ and dojo/unittests to cover the changes in this PR.
Alternatively, describe what you have and haven't tested.

Documentation

Please update any documentation when needed in the documentation folder.

Checklist

This checklist is for your information.

  • Make sure to rebase your PR against the very latest dev.
  • Features/Changes should be submitted against the dev.
  • Bugfixes should be submitted against the bugfix branch.
  • Give a meaningful name to your PR, as it may end up being used in the release notes.
  • Your code is flake8 compliant.
  • Your code is python 3.11 compliant.
  • If this is a new feature and not a bug fix, you've included the proper documentation in the docs at https://github.com/DefectDojo/django-DefectDojo/tree/dev/docs as part of this PR.
  • Model changes must include the necessary migrations in the dojo/db_migrations folder.
  • Add applicable tests to the unit tests.
  • Add the proper label to categorize your PR.

Extra information

Please clear everything below when submitting your pull request, it's here purely for your information.

Moderators: Labels currently accepted for PRs:

  • Import Scans (for new scanners/importers)
  • enhancement
  • performance
  • feature
  • bugfix
  • maintenance (a.k.a chores)
  • dependencies
  • New Migration (when the PR introduces a DB migration)
  • settings_changes (when the PR introduces changes or new settings in settings.dist.py)

Contributors: Git Tips

Rebase on dev branch

If the dev branch has changed since you started working on it, please rebase your work after the current dev.

On your working branch mybranch:

git rebase dev mybranch

In case of conflict:

 git mergetool
 git rebase --continue

When everything's fine on your local branch, force push to your myOrigin remote:

git push myOrigin --force-with-lease

To cancel everything:

git rebase --abort

Squashing commits

git rebase -i origin/dev
  • Replace pick by fixup on the commits you want squashed out
  • Replace pick by reword on the first commit if you want to change the commit message
  • Save the file and quit your editor

Force push to your myOrigin remote:

git push myOrigin --force-with-lease

@github-actions github-actions bot added the parser label Nov 7, 2024

dryrunsecurity bot commented Nov 7, 2024

DryRun Security Summary


Summary:

The provided code changes cover a wide range of updates to the DefectDojo application, including dependency updates, documentation changes, and improvements to the parsing and handling of security findings from various security tools. Overall, the changes do not introduce any obvious security vulnerabilities, and the application security engineer's focus appears to be on enhancing the security and reliability of the application.

Some key highlights from the changes include:

  1. Dependency Updates: The changes include updating dependencies like pdfmake, dojo, and Django to their latest versions, which is a good security practice to ensure the application benefits from the latest bug fixes and security patches.

  2. Documentation Improvements: The changes include updating the documentation for upgrading to DefectDojo version 2.41.x, which is a positive step in providing clear guidance to users.

  3. Parsing and Handling of Security Findings: The changes involve improvements to the parsing and handling of security findings from tools like Trivy, Contrast Security, Qualys, and AWS Prowler. This includes enhancing the extraction of relevant security information, improving the formatting and presentation of findings, and implementing deduplication mechanisms.

  4. File Management and Path Handling: The changes demonstrate a focus on using more robust and secure file management and path handling techniques, such as utilizing the pathlib module instead of the os module for file operations.

Overall, the code changes appear to be focused on improving the security, reliability, and maintainability of the DefectDojo application. The application security engineer should continue to review the changes, test the application thoroughly, and monitor the codebase for any potential security issues that may arise in the future.

Files Changed:

  1. components/package.json: Update the pdfmake dependency from ^0.2.14 to ^0.2.15.
  2. dojo/__init__.py: Update the version from 2.40.0 to 2.41.0-dev.
  3. docs/content/en/getting_started/upgrading/2.41.md: Add documentation for upgrading to DefectDojo version 2.41.x.
  4. dojo/api_v2/prefetch/utils.py: Update the documentation for the _is_many_to_many_relation, _is_one_to_one_relation, and _get_prefetchable_fields functions.
  5. components/yarn.lock: Update the versions of @foliojs-fork/fontkit, @foliojs-fork/linebreak, and @foliojs-fork/pdfkit.
  6. dojo/jira_link/helper.py: Replace os.path.basename() with Path(file).name to handle file paths.
  7. dojo/api_v2/prefetch/prefetcher.py: Update the _build_serializers(), _find_serializer(), and _prefetch() methods to improve the prefetching functionality.
  8. dojo/tools/trivy/parser.py: Enhance the formatting and content of the description templates used to generate findings from Trivy scan reports.
  9. dojo/tools/aws_prowler_v3plus/prowler_v4.py: Update the code to handle changes in the Prowler v4 report format and improve the processing of security findings.
  10. dojo/tools/contrast/parser.py: Improve the deduplication of vulnerabilities and the formatting of vulnerability information.
  11. dojo/models.py: Add noqa comments to suppress a Bandit security warning related to string literals.
  12. dojo/tools/trivy_operator/secrets_handler.py: Add a noqa comment to suppress a Bandit security warning related to string formatting.
  13. dojo/views.py: Replace os.remove() with Path().unlink() to remove files and delete orphan files.
  14. requirements-lint.txt: Update the version of the ruff package from 0.7.1 to 0.7.2.
  15. dojo/tools/qualys/csv_parser.py: Improve the parsing and conversion of Qualys vulnerabilities to Dojo findings.
  16. dojo/utils.py: Use Path from pathlib to create the threat folder instead of os.mkdir.
  17. requirements.txt: Update the versions of Django and boto3.

Code Analysis

We ran 9 analyzers against 26 files and 2 analyzers had findings. 7 analyzers had no findings.

Analyzer                        Findings
Configured Codepaths Analyzer   4
Sensitive Files Analyzer        2

Riskiness

🔴 Risk threshold exceeded.

We've notified @mtesauro, @grendel513.


@kiblik
Contributor

kiblik commented Nov 7, 2024

Can you add tests as well, please? Add a new version of the report and test if the field is parsed correctly there.
Btw, it might be handy to open the issue into bugfix branch (if you do not want to wait a couple of weeks to have it in the official release 😄 )
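The format change this PR is about (Prowler v4.5.0 emitting 'time_dt' where earlier v4 reports had 'event_time'), written up as an added example that is not DefectDojo's prowler_v4.py: a small reader that prefers 'time_dt', falls back to 'event_time' for older reports, and exercises both report versions the way the test requested above would. The record layout (finding_info.title, severity, status_code) and the sample report are constructed for this example.

```python
import json
from datetime import datetime, timezone

# Constructed sample, not a real Prowler report: a pre-4.5 record with 'event_time',
# a 4.5.0-style record with 'time_dt', and a passing check; fields are kept minimal.
SAMPLE_REPORT = json.dumps([
    {"finding_info": {"title": "Ensure S3 bucket logging is enabled"},
     "severity": "Medium", "status_code": "FAIL",
     "event_time": "2024-11-06T10:50:49.372832+00:00"},
    {"finding_info": {"title": "Ensure MFA is enabled for the root account"},
     "severity": "Critical", "status_code": "FAIL",
     "time_dt": "2024-11-07T09:12:03.000000Z"},
    {"finding_info": {"title": "Ensure CloudTrail is enabled"},
     "severity": "High", "status_code": "PASS",
     "time_dt": "2024-11-07T09:12:04.000000Z"},
])


def finding_time(finding):
    """Timestamp of one record as an aware UTC datetime, or None if neither key exists.
    'time_dt' (Prowler >= 4.5.0) takes precedence over 'event_time' (older v4 reports)."""
    raw = finding.get("time_dt")
    if raw is None:
        raw = finding.get("event_time")
    if raw is None:
        return None
    if isinstance(raw, (int, float)):          # tolerate an epoch-seconds value
        return datetime.fromtimestamp(raw, tz=timezone.utc)
    text = str(raw).strip()
    if text.endswith("Z"):                     # fromisoformat rejects 'Z' before Python 3.11
        text = text[:-1] + "+00:00"
    dt = datetime.fromisoformat(text)
    if dt.tzinfo is None:                      # naive timestamps are taken as UTC
        dt = dt.replace(tzinfo=timezone.utc)
    return dt.astimezone(timezone.utc)


def parse_report(text):
    """Return (title, severity, ISO date or None) for every failed check in a v4 JSON report."""
    rows = []
    for rec in json.loads(text):
        if rec.get("status_code") != "FAIL":
            continue
        dt = finding_time(rec)
        rows.append((rec["finding_info"]["title"], rec["severity"],
                     dt.date().isoformat() if dt else None))
    return rows
```

parse_report(SAMPLE_REPORT) yields two rows dated 2024-11-06 and 2024-11-07; the PASS record is skipped.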

@ivan-morhun ivan-morhun changed the title #11210 prowler_v4.py Replace 'event_time' with 'time' key for finding #11210 prowler_v4.py Prowler v4.5.0 changed the 'event_time' key in finding with 'time_dt' Nov 7, 2024
@ivan-morhun ivan-morhun changed the base branch from dev to bugfix November 7, 2024 11:22
DefectDojo release bot and others added 13 commits November 7, 2024 14:27
Bumps [boto3](https://github.com/boto/boto3) from 1.35.53 to 1.35.54.
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.35.53...1.35.54)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.7.1 to 0.7.2.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.7.1...0.7.2)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [pdfmake](https://github.com/bpampuch/pdfmake) from 0.2.14 to 0.2.15.
- [Release notes](https://github.com/bpampuch/pdfmake/releases)
- [Changelog](https://github.com/bpampuch/pdfmake/blob/0.2.15/CHANGELOG.md)
- [Commits](bpampuch/pdfmake@0.2.14...0.2.15)

---
updated-dependencies:
- dependency-name: pdfmake
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [django](https://github.com/django/django) from 5.1.2 to 5.1.3.
- [Commits](django/django@5.1.2...5.1.3)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>