Merge pull request #9924 from DefectDojo/release/2.33.2

Release: Merge release into master from: release/2.33.2
DefectDojo · Apr 15, 2024 · 83fae48 · 83fae48
2 parents f2c3cf5 + 66c46c6
commit 83fae48
Show file tree

Hide file tree

Showing 16 changed files with 605 additions and 708 deletions.
diff --git a/components/package.json b/components/package.json
@@ -1,6 +1,6 @@
 {
   "name": "defectdojo",
-  "version": "2.33.1",
+  "version": "2.33.2",
   "license" : "BSD-3-Clause",
   "private": true,
   "dependencies": {

diff --git a/docker-compose.override.debug.yml b/docker-compose.override.debug.yml
@@ -1,5 +1,4 @@
 ---
-version: '3.8'
 services:
   uwsgi:
     entrypoint: ['/wait-for-it.sh', '${DD_DATABASE_HOST}:${DD_DATABASE_PORT}', '-t', '30', '--', '/entrypoint-uwsgi-dev.sh']

diff --git a/docker-compose.override.dev.yml b/docker-compose.override.dev.yml
@@ -1,5 +1,4 @@
 ---
-version: '3.8'
 services:
   uwsgi:
     entrypoint: ['/wait-for-it.sh', '${DD_DATABASE_HOST}:${DD_DATABASE_PORT}', '-t', '30', '--', '/entrypoint-uwsgi-dev.sh']

diff --git a/docker-compose.override.https.yml b/docker-compose.override.https.yml
@@ -1,5 +1,4 @@
 ---
-version: '3.8'
 services:
   nginx:
     environment:

diff --git a/docker-compose.override.integration_tests.yml b/docker-compose.override.integration_tests.yml
@@ -1,5 +1,4 @@
 ---
-version: '3.8'
 services:
   integration-tests:
     build:

diff --git a/docker-compose.override.unit_tests_cicd.yml b/docker-compose.override.unit_tests_cicd.yml
@@ -1,5 +1,4 @@
 ---
-version: '3.8'
 services:
   nginx:
     image: busybox:1.36.1-musl

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -6,7 +6,6 @@
 # docker-compose.yml file is not intended for production use without first
 # customizing it to your particular situation.
 ---
-version: '3.8'
 services:
   nginx:
     build:

diff --git a/dojo/__init__.py b/dojo/__init__.py
@@ -4,6 +4,6 @@
 # Django starts so that shared_task will use this app.
 from .celery import app as celery_app  # noqa: F401
 
-__version__ = '2.33.1'
+__version__ = '2.33.2'
 __url__ = 'https://github.com/DefectDojo/django-DefectDojo'
 __docs__ = 'https://documentation.defectdojo.com'
diff --git a/dojo/tools/checkmarx_one/parser.py b/dojo/tools/checkmarx_one/parser.py
@@ -84,9 +84,9 @@ def get_findings(self, file, test):
                             vulnerability.get("similarityId")
                         )
                     findings.append(finding)
-                if result_type == "kics":
+                elif result_type == "kics":
                     description = vulnerability.get("description")
-                    file_path = vulnerability.get("data").get("filename")
+                    file_path = vulnerability.get("data").get("filename", vulnerability.get("data").get("fileName"))
                     finding = Finding(
                         title=f'{description}',
                         description=description,
@@ -107,4 +107,31 @@ def get_findings(self, file, test):
                             vulnerability.get("similarityId")
                         )
                     findings.append(finding)
+                elif result_type in ["sca", "sca-container"]:
+                    description = vulnerability.get("description")
+                    finding = Finding(
+                        title=description,
+                        description=description,
+                        date=date,
+                        severity=vulnerability.get("severity").title(),
+                        verified=vulnerability.get("state") != "TO_VERIFY",
+                        test=test,
+                        cwe=cwe,
+                        static_finding=True,
+                    )
+                    if vulnerability.get("cveId"):
+                        finding.unsaved_vulnerability_ids = [
+                            vulnerability.get("cveId")
+                        ]
+                    if vulnerability.get("id"):
+                        finding.unique_id_from_tool = vulnerability.get(
+                            "id"
+                        )
+                    else:
+                        finding.unique_id_from_tool = str(
+                            vulnerability.get("similarityId")
+                        )
+                    finding.unsaved_tags = [result_type]
+                    findings.append(finding)
+
         return findings
diff --git a/dojo/tools/cobalt/parser.py b/dojo/tools/cobalt/parser.py
@@ -27,16 +27,8 @@ def get_findings(self, filename, test):
         reader = csv.DictReader(
             io.StringIO(content), delimiter=",", quotechar='"'
         )
-        csvarray = []
-
         dupes = dict()
-
-        # FIXME double loop, could lead to performance pb if the number of
-        # issues is big
         for row in reader:
-            csvarray.append(row)
-
-        for row in csvarray:
             finding = Finding(test=test)
             finding.title = (
                 row["Title"] if row["Title"][0] != "'" else row["Title"][1:]

diff --git a/helm/defectdojo/Chart.yaml b/helm/defectdojo/Chart.yaml
@@ -1,8 +1,8 @@
 apiVersion: v2
-appVersion: "2.33.1"
+appVersion: "2.33.2"
 description: A Helm chart for Kubernetes to install DefectDojo
 name: defectdojo
-version: 1.6.119
+version: 1.6.120
 icon: https://www.defectdojo.org/img/favicon.ico
 maintainers:
   - name: madchap