Merge pull request #9030 from DefectDojo/release/2.28.2
Release: Merge release into master from: release/2.28.2
Maffooch authored Nov 20, 2023
2 parents 393f460 + c52f735 commit 19c4e74
Showing 5 changed files with 69 additions and 11 deletions.
2 changes: 1 addition & 1 deletion components/package.json
@@ -1,6 +1,6 @@
{
"name": "defectdojo",
"version": "2.28.1",
"version": "2.28.2",
"license" : "BSD-3-Clause",
"private": true,
"dependencies": {
2 changes: 1 addition & 1 deletion dojo/__init__.py
@@ -4,6 +4,6 @@
# Django starts so that shared_task will use this app.
from .celery import app as celery_app # noqa

__version__ = '2.28.1'
__version__ = '2.28.2'
__url__ = 'https://github.com/DefectDojo/django-DefectDojo'
__docs__ = 'https://documentation.defectdojo.com'
2 changes: 1 addition & 1 deletion dojo/settings/settings.dist.py
@@ -1432,7 +1432,7 @@ def saml2_attrib_map_format(dict):
'Gitleaks Scan': DEDUPE_ALGO_HASH_CODE,
'pip-audit Scan': DEDUPE_ALGO_HASH_CODE,
'Edgescan Scan': DEDUPE_ALGO_HASH_CODE,
'Bugcrowd API': DEDUPE_ALGO_UNIQUE_ID_FROM_TOOL,
'Bugcrowd API Import': DEDUPE_ALGO_UNIQUE_ID_FROM_TOOL,
'Rubocop Scan': DEDUPE_ALGO_HASH_CODE,
'JFrog Xray Scan': DEDUPE_ALGO_HASH_CODE,
'CycloneDX Scan': DEDUPE_ALGO_HASH_CODE,
70 changes: 64 additions & 6 deletions dojo/utils.py
@@ -2395,17 +2395,57 @@ def sum_by_severity_level(metrics):


def get_open_findings_burndown(product):
findings = Finding.objects.filter(test__engagement__product=product)
findings = Finding.objects.filter(test__engagement__product=product, duplicate=False)
f_list = list(findings)

curr_date = datetime.combine(datetime.now(), datetime.min.time())
start_date = curr_date - timedelta(days=90)

critical_count = len(list(findings.filter(date__lt=start_date).filter(severity='Critical')))
high_count = len(list(findings.filter(date__lt=start_date).filter(severity='High')))
medium_count = len(list(findings.filter(date__lt=start_date).filter(severity='Medium')))
low_count = len(list(findings.filter(date__lt=start_date).filter(severity='Low')))
info_count = len(list(findings.filter(date__lt=start_date).filter(severity='Info')))
critical_count = 0
high_count = 0
medium_count = 0
low_count = 0
info_count = 0

# count all findings older than 90 days that are still active OR will be mitigated/risk-accepted in the next 90 days
for f in list(findings.filter(date__lt=start_date)):
if f.active:
if f.severity == 'Critical':
critical_count += 1
if f.severity == 'High':
high_count += 1
if f.severity == 'Medium':
medium_count += 1
if f.severity == 'Low':
low_count += 1
if f.severity == 'Info':
info_count += 1
elif f.is_mitigated:
f_mitigated_date = f.mitigated.timestamp()
if f_mitigated_date >= start_date.timestamp():
if f.severity == 'Critical':
critical_count += 1
if f.severity == 'High':
high_count += 1
if f.severity == 'Medium':
medium_count += 1
if f.severity == 'Low':
low_count += 1
if f.severity == 'Info':
info_count += 1
elif f.risk_accepted:
f_risk_accepted_date = f.risk_acceptance.created.timestamp()
if f_risk_accepted_date >= start_date.timestamp():
if f.severity == 'Critical':
critical_count += 1
if f.severity == 'High':
high_count += 1
if f.severity == 'Medium':
medium_count += 1
if f.severity == 'Low':
low_count += 1
if f.severity == 'Info':
info_count += 1

running_min, running_max = float('inf'), float('-inf')
past_90_days = {
@@ -2416,13 +2456,15 @@ def get_open_findings_burndown(product):
'Info': []
}

# count the number of open findings for the 90-day window
for i in range(90, -1, -1):
start = (curr_date - timedelta(days=i))

d_start = start.timestamp()
d_end = (start + timedelta(days=1)).timestamp()

for f in f_list:
# If a finding was opened on this day we add it to the counter of that day
f_open_date = datetime.combine(f.date, datetime.min.time()).timestamp()
if f_open_date >= d_start and f_open_date < d_end:
if f.severity == 'Critical':
@@ -2436,6 +2478,7 @@ def get_open_findings_burndown(product):
if f.severity == 'Info':
info_count += 1

# If a finding was mitigated on this day we subtract it
if f.is_mitigated:
f_mitigated_date = f.mitigated.timestamp()
if f_mitigated_date >= d_start and f_mitigated_date < d_end:
@@ -2450,6 +2493,21 @@ def get_open_findings_burndown(product):
if f.severity == 'Info':
info_count -= 1

# If a finding was risk accepted on this day we subtract it
elif f.risk_accepted:
f_risk_accepted_date = f.risk_acceptance.created.timestamp()
if f_risk_accepted_date >= d_start and f_risk_accepted_date < d_end:
if f.severity == 'Critical':
critical_count -= 1
if f.severity == 'High':
high_count -= 1
if f.severity == 'Medium':
medium_count -= 1
if f.severity == 'Low':
low_count -= 1
if f.severity == 'Info':
info_count -= 1

f_day = [critical_count, high_count, medium_count, low_count, info_count]
if min(f_day) < running_min:
running_min = min(f_day)
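Review bot: Both new risk-acceptance branches in `get_open_findings_burndown` (the pre-window loop and the per-day loop) read `f.risk_acceptance.created` whenever `f.risk_accepted` is true, with no check that a risk-acceptance object is attached. The model is not visible here, but if `risk_accepted` can be set without a linked acceptance record, this raises `AttributeError` and the burndown for that product fails to render. The new pre-window `elif f.is_mitigated` branch has the same shape with `f.mitigated.timestamp()`. I would bind the value first and guard it, e.g. `ra = f.risk_acceptance` followed by `if ra is not None and ra.created.timestamp() >= start_date.timestamp():`, and likewise test `f.mitigated is not None`. As a style point, the five-way severity ladder is now repeated in every branch and could become a single `counts[f.severity] += 1` on a dict keyed by severity; the function body continues past the end of this hunk.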
4 changes: 2 additions & 2 deletions helm/defectdojo/Chart.yaml
@@ -1,8 +1,8 @@
apiVersion: v2
appVersion: "2.28.1"
appVersion: "2.28.2"
description: A Helm chart for Kubernetes to install DefectDojo
name: defectdojo
version: 1.6.95
version: 1.6.96
icon: https://www.defectdojo.org/img/favicon.ico
maintainers:
- name: madchap
