rebase snyk-epss
* Update versions in application files

* Update versions

* Parse GitHub vulnerability version (DefectDojo#9462)

* Fix SARIF parser with CodeQL rules (DefectDojo#9440)

* fix for sarif parser with codeql rules

* add check for extensions property

* flake8 comparison

* finding sla expiration date field (part two) (DefectDojo#9494)

* finding sla expiration date field (part two)

* sla violation check updates

* clean up of finding violates_sla property

* flake8 fix

* Update dojo/models.py

Co-authored-by: Charles Neill <[email protected]>

* Update 0201_populate_finding_sla_expiration_date.py

---------

Co-authored-by: Charles Neill <[email protected]>

* Jira Server/DataCenter: Update meta methods (DefectDojo#9512)

* Jira Webhook: Catch comments from other issue updates (DefectDojo#9513)

* Jira Webhook: Catch comments from other issue updates

* Accommodate redirect responses

* Update dojo/jira_link/views.py

Co-authored-by: Charles Neill <[email protected]>

* Fix syntax

---------

Co-authored-by: Charles Neill <[email protected]>

* Release Drafter: Try validating inputs

* Disallow duplicate tool types (DefectDojo#9530)

* Disallow duplicate tool types

* Fix Flake8

* Only validate on new creations

* Force new name on tool type unit test

* Engagement Surveys: Add missing leading slash (DefectDojo#9531)

URL redirects were behaving strangely without this leading slash. It seems it was missed when all the others were added.

* Update versions in application files

* Update versions in application files

* Update versions in application files

* Dojo_Group: Support for "RemoteUser" in model (DefectDojo#9405)

* Use correct name references

* fix db_mig

* Update and rename 0201_alter_dojo_group_social_provider.py to 0202_alter_dojo_group_social_provider.py

---------

Co-authored-by: Cody Maffucci <[email protected]>

* Fix "Overdue" tag still visible with closed issues (DefectDojo#9539)

* Update rabbitmq:3.12.12-alpine Docker digest from 3.12.12 to 3.12.12-alpine (docker-compose.yml) (DefectDojo#9535)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* remove flot-axis library (DefectDojo#9540)

* use full url for helm-repos and alias in renovate.json (DefectDojo#9525)

With this change, renovate will create PRs to update
the helm-dependencies, just as with docker-compose.

Note that only setting the repository to the full URL did not work,
I also had to add the registryAlias.

* Update Helm release redis from 16.12.3 to ~16.13.0 (helm/defectdojo/Chart.yaml) (DefectDojo#9550)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update rabbitmq:3.12.12-alpine Docker digest from 3.12.12 to 3.12.12-alpine (docker-compose.yml) (DefectDojo#9541)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update postgres Docker tag from 16.1 to v16.2 (docker-compose.yml) (DefectDojo#9536)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update Helm release mysql from 9.1.8 to ~9.19.0 (helm/defectdojo/Chart.yaml) (DefectDojo#9545)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update Helm release rabbitmq from 11.2.2 to ~11.16.0 (helm/defectdojo/Chart.yaml) (DefectDojo#9548)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update Helm release postgresql from 11.6.26 to ~11.9.0 (helm/defectdojo/Chart.yaml) (DefectDojo#9546)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update Helm release postgresql-ha from 9.1.9 to ~9.4.0 (helm/defectdojo/Chart.yaml) (DefectDojo#9547)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update google-sheets-sync.md with deprecation notice (DefectDojo#9495)

* Remove DD_USE_L10N (DefectDojo#9491)

* API: removal of drf_yasg (OpenAPI 2.0 Swagger) (DefectDojo#9108)

* Removal of drf_yasg

* Clean filterwarnings

* Drop filterwarnings "unclosed file" (DefectDojo#9498)

* 🐛 WFuzz: Generalize severity mapping (DefectDojo#9505)

* 🐛 fix wfuzz 301, issue 6182

* make severity mapper more robust

* unittest for missing response code

* update docs

* Remove useless noqa, be more specific for useful noqa (DefectDojo#9510)

* ✨ add burp dastardly (DefectDojo#9514)

* ✨ add burp dastardly

* fix author names

* fix unittest

* add docs

* Remove filterwarnings for "invalid escape sequence" (DefectDojo#9496)

* Drop filterwarnings "invalid escape sequence"

* Fix SyntaxError for special_character_required

* Update dojo/utils.py

Co-authored-by: Charles Neill <[email protected]>

* Update settings.dist.py

Fix merge conflict fix

---------

Co-authored-by: Charles Neill <[email protected]>
Co-authored-by: Matt Tesauro <[email protected]>

* 🐛 fix mobsf deduplication and severity mapping (DefectDojo#9471)

* 🐛 fix DefectDojo#7936, fix severity mapping

* add warning

* remove multiple warning replacings

* remove replacing

* Remove filterwarnings for "DateTimeField - timezone" (DefectDojo#9497)

* Drop filterwarnings "DateTimeField - timezone"

* Fix some

* Fix of RA test + importers

* Fix RA

* Fix importers

* Fix Flake8

---------

Co-authored-by: Matt Tesauro <[email protected]>

* Update Helm release postgresql-ha from 9.4.11 to v13 (helm/defectdojo/Chart.yaml) (DefectDojo#9553)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Remove handling of broken unittests (DefectDojo#9504)

* 🎉 introducing EPSS score (DefectDojo#9516)

* WIP

* first draw

* fix migrations

* fix migrations

* add epss to findings UI

* added epss to finding list

* Delete unittests/scans/wazuh/one_endpoint_finding.json

* flake8

* add migration for ModelOptions

* Add null values for epss + validators

* updated findings detail page to display epss as percentage

* removed wazuh file

* update branch (#3)

* Update versions in application files

* Update jira-description.tpl (DefectDojo#9403)

* Update and rename whitesource.md to mend.md (DefectDojo#9348)

* Update and rename whitesource.md to mend.md

* Update docs/content/en/integrations/parsers/file/mend.md

Co-authored-by: Charles Neill <[email protected]>

---------

Co-authored-by: Charles Neill <[email protected]>

* API: Remote v2 OpenAPI2 Docs from menu (DefectDojo#9469)

* 🐛 fix migration (DefectDojo#9467)

* finding sla expiration date field (part one) (DefectDojo#9473)

* addition of sla expiration date field on the finding model

* add migration and fix indentation issue

* fix mitigated finding remaining sla days calculation

* fix sla violation filter to return only active, sla violating findings

* migration system settings fix

* fix mitigation date vs datetime discrepancy

* fix breaking unit test

* move product save check to signal

* fix unit test failure

* make signal operations async, fix sla config delete 500 error

* add unit tests to test sla expiration date functionality

* restarting without signals

* add async updating flags, redo migration

* move signal logic to overridden save

* fix errors for non-existing objects at creation

* clean up comments and a few logical expressions

* fix flake8 error

* addition of new unit tests

* fix unit test error

* add message to form fields when async updating flag is true

* fix save location, reword form messages, reword redirect messages

* remove commented lines from unit tests

* add a bit more description to API validation errors

* migration fix

* migration performance improvements

* fix datetime - str comparison issue

* clean up for part one of sla expiration date field

* fix flake8

* Update dojo/db_migrations/0200_finding_sla_expiration_date_product_async_updating_and_more.py

Co-authored-by: Charles Neill <[email protected]>

* Update dojo/models.py

Co-authored-by: Charles Neill <[email protected]>

---------

Co-authored-by: Charles Neill <[email protected]>

* Update versions in application files

* Update versions in application files

* Update release-drafter/release-drafter action from v5.25.0 to v6 (.github/workflows/release-drafter.yml) (DefectDojo#9460)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Bump pytz from 2023.4 to 2024.1 (DefectDojo#9465)

Bumps [pytz](https://github.com/stub42/pytz) from 2023.4 to 2024.1.
- [Release notes](https://github.com/stub42/pytz/releases)
- [Commits](stub42/pytz@release_2023.4...release_2024.1)

---
updated-dependencies:
- dependency-name: pytz
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump django-debug-toolbar from 4.2.0 to 4.3.0 (DefectDojo#9466)

Bumps [django-debug-toolbar](https://github.com/jazzband/django-debug-toolbar) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/jazzband/django-debug-toolbar/releases)
- [Changelog](https://github.com/jazzband/django-debug-toolbar/blob/main/docs/changes.rst)
- [Commits](django-commons/django-debug-toolbar@4.2...4.3)

---
updated-dependencies:
- dependency-name: django-debug-toolbar
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump nginx from `d12e6f7` to `f2802c2` (DefectDojo#9477)

Bumps nginx from `d12e6f7` to `f2802c2`.

---
updated-dependencies:
- dependency-name: nginx
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update dependency postcss from 8.4.33 to v8.4.34 (docs/package.json) (DefectDojo#9481)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update rabbitmq:3.12.12-alpine Docker digest from 3.12.12 to 3.12.12-alpine (docker-compose.yml) (DefectDojo#9458)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* ⬆️ Bump boto3 from 1.34.32 to 1.34.35 (DefectDojo#9489)

Bumps [boto3](https://github.com/boto/boto3) from 1.34.32 to 1.34.35.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](boto/boto3@1.34.32...1.34.35)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update dependency ruff from 0.1.15 to v0.2.1 (requirements-lint.txt) (DefectDojo#9459)

* Update dependency ruff from 0.1.15 to v0.2.1 (requirements-lint.txt)

* Fix ruff warning (DefectDojo#9461)

* Update dependency ruff from 0.1.15 to v0.2.0 (requirements-lint.txt)

* fix ruff warning

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Charles Neill <[email protected]>

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: kiblik <[email protected]>
Co-authored-by: Charles Neill <[email protected]>

* 🐛 fix defaulting severity, see last comments in DefectDojo#8778 (DefectDojo#9370)

Co-authored-by: Cody Maffucci <[email protected]>

* Add ruff for *tests (DefectDojo#9406)

* Revert ":bug: fix dependencytrack deduplication (DefectDojo#9117)" (DefectDojo#9371)

This reverts commit 0f55a7f.

Co-authored-by: Cody Maffucci <[email protected]>

* dojo/importers/importer/importer.py - Change "None" string to "Info" from cvss module when a CVSS vector string should evaluate to "Info" (DefectDojo#9453)

* dojo/importers/importer/importer.py - Change "None" string to "Info" from cvss module when a CVSS vector string evaluates to "Info"

* dojo/importers/importer/importer.py - Change "None" string to "Info" from cvss module when a CVSS vector string evaluates to "Info" #flake8_fix

* Trivy Operator VulnerabilityReport Parser tweaks (DefectDojo#9452)

* API: Check missing endpoints (DefectDojo#7618)

* Rename unittest

* Define exceptions for now

* Announcement was implemented

* Fix unittests with assertRaises + replace  assertTrue/False with better checks (DefectDojo#9435)

* Fix unittests with assertRaises

* Replace assertTrue/False with better checks

* Fixes

* Optimize list of Maintenance in release notes (DefectDojo#9492)

* fix typo in docs (DefectDojo#9487)

* 🐛 WFuzz: Add additional severity mappings (DefectDojo#9486)

* 🐛 fix wfuzz, issue DefectDojo#7863

* add 302

* update docs

* Be strict about Warnings during testing (DefectDojo#9490)

* Set PYTHONWARNINGS=error

* Add basic filterwarnings

* Mute some warnings

* Mute one more warning

* 🐛 fix trufflehog3, issue DefectDojo#6999 (DefectDojo#9470)

* 🐛 fix yarn_audit, DefectDojo#6495 (DefectDojo#9478)

* Bump vulners from 2.1.2 to 2.1.5 (DefectDojo#9391)

Bumps [vulners]() from 2.1.2 to 2.1.5.

---
updated-dependencies:
- dependency-name: vulners
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add support for DD_APPEND_SLASH (DefectDojo#9385)

* Override default Django APPEND_SLASH

* Update dojo/settings/settings.dist.py

* 🎉 Improvements for wazuh importer (DefectDojo#9248)

* improvement for wazuh importer

* 🔧 change on dedupe for Wazuh

* 🔧 change on dedupe for Wazuh

* 📝

* ✏️

* 📝

* 📝

* flake8

* 🎉 recoded wazuh importer to support endpoints

* ✅ adjusted unittests

* 📝

* ✏️

* ✏️

---------

Co-authored-by: Cody Maffucci <[email protected]>

* Update rabbitmq:3.12.12-alpine Docker digest from 3.12.12 to 3.12.12-alpine (docker-compose.yml) (DefectDojo#9501)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update dependency postcss from 8.4.34 to v8.4.35 (docs/package.json) (DefectDojo#9502)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Improve API endpoints for Risk Acceptances (DefectDojo#9415)

* Modifying Bugcrowd API Parser to align to vendor documentation on wha… (DefectDojo#9517)

* Modifying Bugcrowd API Parser to align to vendor documentation on what the not_applicable state means.  It is now active == False and severity == 'Info'. [sc-4217]

* fixing Flake8 errors

* fixing Flake8 errors, part deux

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: DefectDojo release bot <[email protected]>
Co-authored-by: Cody Maffucci <[email protected]>
Co-authored-by: Paul Osinski <[email protected]>
Co-authored-by: Charles Neill <[email protected]>
Co-authored-by: kiblik <[email protected]>
Co-authored-by: manuelsommer <[email protected]>
Co-authored-by: Blake Owens <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Robert Kiss <[email protected]>
Co-authored-by: ninp0 <[email protected]>
Co-authored-by: Raouf HADDADA <[email protected]>
Co-authored-by: Felix Hernandez <[email protected]>
Co-authored-by: Jay Paz <[email protected]>

* updated migrations

* added percentage to findings_list

* ✏️ tightening column title in findings detail page

* flake8

* undo DT parser update

* fix migrations

* update migrations to changes in dev

* merge dev into epss score

* Update versions in application files

* Update versions

* Parse GitHub vulnerability version (DefectDojo#9462)

* Fix SARIF parser with CodeQL rules (DefectDojo#9440)

* fix for sarif parser with codeql rules

* add check for extensions property

* flake8 comparison

* finding sla expiration date field (part two) (DefectDojo#9494)

* finding sla expiration date field (part two)

* sla violation check updates

* clean up of finding violates_sla property

* flake8 fix

* Update dojo/models.py

Co-authored-by: Charles Neill <[email protected]>

* Update 0201_populate_finding_sla_expiration_date.py

---------

Co-authored-by: Charles Neill <[email protected]>

* Jira Server/DataCenter: Update meta methods (DefectDojo#9512)

* Jira Webhook: Catch comments from other issue updates (DefectDojo#9513)

* Jira Webhook: Catch comments from other issue updates

* Accommodate redirect responses

* Update dojo/jira_link/views.py

Co-authored-by: Charles Neill <[email protected]>

* Fix syntax

---------

Co-authored-by: Charles Neill <[email protected]>

* add metrics page: "Product Tag Count" (fixes DefectDojo#9151) (DefectDojo#9152)

* add metrics page: "Product Tag Count"

It is fully based on "Product Type Count" metrics page.

* fixup! add metrics page: "Product Tag Count"

* Fix Flake8

* Update views.py

---------

Co-authored-by: Cody Maffucci <[email protected]>

* Release Drafter: Try validating inputs

* Disallow duplicate tool types (DefectDojo#9530)

* Disallow duplicate tool types

* Fix Flake8

* Only validate on new creations

* Force new name on tool type unit test

* Engagement Surveys: Add missing leading slash (DefectDojo#9531)

URL redirects were behaving strangely without this leading slash. It seems it was missed when all the others were added.

* Update versions in application files

* Update versions in application files

* Dojo_Group: Support for "RemoteUser" in model (DefectDojo#9405)

* Use correct name references

* fix db_mig

* Update and rename 0201_alter_dojo_group_social_provider.py to 0202_alter_dojo_group_social_provider.py

---------

Co-authored-by: Cody Maffucci <[email protected]>

* Update rabbitmq:3.12.12-alpine Docker digest from 3.12.12 to 3.12.12-alpine (docker-compose.yml) (DefectDojo#9535)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* remove flot-axis library (DefectDojo#9540)

* use full url for helm-repos and alias in renovate.json (DefectDojo#9525)

With this change, renovate will create PRs to update
the helm-dependencies, just as with docker-compose.

Note that only setting the repository to the full URL did not work,
I also had to add the registryAlias.

* Update Helm release redis from 16.12.3 to ~16.13.0 (helm/defectdojo/Chart.yaml) (DefectDojo#9550)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update rabbitmq:3.12.12-alpine Docker digest from 3.12.12 to 3.12.12-alpine (docker-compose.yml) (DefectDojo#9541)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update postgres Docker tag from 16.1 to v16.2 (docker-compose.yml) (DefectDojo#9536)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update Helm release mysql from 9.1.8 to ~9.19.0 (helm/defectdojo/Chart.yaml) (DefectDojo#9545)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

---------

Co-authored-by: DefectDojo release bot <[email protected]>
Co-authored-by: Cody Maffucci <[email protected]>
Co-authored-by: Colm O hEigeartaigh <[email protected]>
Co-authored-by: Andrei Serebriakov <[email protected]>
Co-authored-by: Blake Owens <[email protected]>
Co-authored-by: Charles Neill <[email protected]>
Co-authored-by: tomaszn <[email protected]>
Co-authored-by: kiblik <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Felix Hernandez <[email protected]>
Co-authored-by: Sebastian Gumprich <[email protected]>

* update epss-score (#5)

solve conflicts

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: DefectDojo release bot <[email protected]>
Co-authored-by: Cody Maffucci <[email protected]>
Co-authored-by: Paul Osinski <[email protected]>
Co-authored-by: Charles Neill <[email protected]>
Co-authored-by: kiblik <[email protected]>
Co-authored-by: manuelsommer <[email protected]>
Co-authored-by: Blake Owens <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Robert Kiss <[email protected]>
Co-authored-by: ninp0 <[email protected]>
Co-authored-by: Raouf HADDADA <[email protected]>
Co-authored-by: Felix Hernandez <[email protected]>
Co-authored-by: Jay Paz <[email protected]>
Co-authored-by: Colm O hEigeartaigh <[email protected]>
Co-authored-by: Andrei Serebriakov <[email protected]>
Co-authored-by: tomaszn <[email protected]>
Co-authored-by: Sebastian Gumprich <[email protected]>

* 🎉 importing epss score from DependencyTrack output (DefectDojo#9521)

* improved Sonatype parser (DefectDojo#9519)

* Sonatype parser improved

* Blank line at end of file removed.

* Sonatype status evaluation removed.

* fix clair docs according to PR DefectDojo#9355 (DefectDojo#9523)

* fix clair docs according to PR DefectDojo#9355

* remove clair_klar

* update

* start to implement unittest to test if a parser exists for a md file

* unittest to test if parser exists to a documented parser

* add edgescan and codeql to skip this test

* 🎉 works fine, removed asfd

* ⬆️ Bump openapitools/openapi-generator-cli from v7.2.0 to v7.3.0 (DefectDojo#9526)

Bumps openapitools/openapi-generator-cli from v7.2.0 to v7.3.0.

---
updated-dependencies:
- dependency-name: openapitools/openapi-generator-cli
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* 🎉 Importing EPSS score from AWS Inspector via AWS SecHub (DefectDojo#9529)

* 🎉 epss score for AWS SecHub

* 🎉 adjusted aws sechub parser to import inspector epss scores

* flake8

* 🐛 fix kics, DefectDojo#7966 (DefectDojo#9542)

* 🐛 fix kics, DefectDojo#7966

* 🐛 fix unittests

* add hashcode according to review

* update to retrigger failed pipeline

* Fix handling of incorrect if test import fail (DefectDojo#9544)

* 🐛 fix nessus severity (DefectDojo#9549)

* 🐛 fix nessus severity

* add unittest

* flake8

* ✨ Documentation for managing files (DefectDojo#9557)

* ✨ add docs for issue DefectDojo#8597

* update according to review

* Labeler: Add sync-labels (DefectDojo#9565)

* Update rabbitmq Docker tag from 3.12.12 to v3.12.13 (docker-compose.yml) (DefectDojo#9573)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Questionnaires: Correct nested object deletions (DefectDojo#9574)

* Questionnaires: Correct nested object deletions

* Fix Flake8

* Jira: Append labels and respect priority on update (DefectDojo#9571)

A couple fields are overwritten by DefectDojo when findings are pushed to an existing jira ticket. This can be destructive for developers in the following ways:
- Priority: This field often reflects the timeline a particular issue may be fixed. Developers may have more specific context for why a vulnerability may not be as severe as initially thought.
- Labels: Labels could be used to sort issues in a given queue to determine who works on a given ticket. When a finding is pushed to jira again after creation, these new labels should not be overwritten

These fields should be respected to avoid stomping on any changes/process set by developers

* Bump nginx from 1.25.3-alpine to 1.25.4-alpine (DefectDojo#9580)

Bumps nginx from 1.25.3-alpine to 1.25.4-alpine.

---
updated-dependencies:
- dependency-name: nginx
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Correct Endpoint "Hosts" views when the host field is `None` (DefectDojo#9560)

* Endpoints: Force object validation on save

* Prevent str concatenation with None type

* Remove forced clean on save

* Deduplication: Do not reopen original finding (DefectDojo#9558)

* Update versions in application files

* Update versions in application files

* Ignore warnings from polymorphic

* Fix Flake8

* More warning handling

* Fix Flake8 again...

* Update dependency ruff from 0.2.1 to v0.2.2 (requirements-lint.txt) (DefectDojo#9576)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: DefectDojo release bot <[email protected]>
Co-authored-by: Cody Maffucci <[email protected]>
Co-authored-by: Colm O hEigeartaigh <[email protected]>
Co-authored-by: Andrei Serebriakov <[email protected]>
Co-authored-by: Blake Owens <[email protected]>
Co-authored-by: Charles Neill <[email protected]>
Co-authored-by: kiblik <[email protected]>
Co-authored-by: Felix Hernandez <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Sebastian Gumprich <[email protected]>
Co-authored-by: Paul Osinski <[email protected]>
Co-authored-by: manuelsommer <[email protected]>
Co-authored-by: Matt Tesauro <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Robert Kiss <[email protected]>
Co-authored-by: ninp0 <[email protected]>
Co-authored-by: Raouf HADDADA <[email protected]>
Co-authored-by: Jay Paz <[email protected]>
Co-authored-by: tomaszn <[email protected]>
Co-authored-by: Andreas Reichert <[email protected]>
Co-authored-by: kiblik <[email protected]>
1 parent 7040850 commit c726c0a
Showing 0 changed files with 0 additions and 0 deletions.
