Skip to content

Commit

Permalink
Merge pull request #8441 from DefectDojo/release/2.24.4
Browse files Browse the repository at this point in the history
Release: Merge release into master from: release/2.24.4
  • Loading branch information
Maffooch authored Jul 31, 2023
2 parents d827299 + 4e4b472 commit 967bf1b
Show file tree
Hide file tree
Showing 6 changed files with 48 additions and 21 deletions.
2 changes: 1 addition & 1 deletion components/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "defectdojo",
"version": "2.24.3",
"version": "2.24.4",
"license" : "BSD-3-Clause",
"private": true,
"dependencies": {
Expand Down
2 changes: 1 addition & 1 deletion dojo/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,6 @@
# Django starts so that shared_task will use this app.
from .celery import app as celery_app # noqa

__version__ = '2.24.3'
__version__ = '2.24.4'
__url__ = 'https://github.com/DefectDojo/django-DefectDojo'
__docs__ = 'https://documentation.defectdojo.com'
5 changes: 4 additions & 1 deletion dojo/finding/views.py
Original file line number Diff line number Diff line change
Expand Up @@ -1156,7 +1156,10 @@ def edit_finding(request, fid):
fp.save_no_options()

if "request" in form.cleaned_data or "response" in form.cleaned_data:
burp_rr, _ = BurpRawRequestResponse.objects.get_or_create(finding=finding)
try:
burp_rr, _ = BurpRawRequestResponse.objects.get_or_create(finding=finding)
except BurpRawRequestResponse.MultipleObjectsReturned:
burp_rr = BurpRawRequestResponse.objects.filter(finding=finding).first()
burp_rr.burpRequestBase64 = base64.b64encode(
form.cleaned_data["request"].encode()
)
Expand Down
52 changes: 37 additions & 15 deletions dojo/reports/views.py
Original file line number Diff line number Diff line change
Expand Up @@ -830,20 +830,27 @@ def get_foreign_keys():
'mitigated_by', 'reporter', 'review_requested_by', 'sonarqube_issue', 'test']


def get_attributes():
return ["sla_age", "sla_deadline", "sla_days_remaining"]


def csv_export(request):
findings, obj = get_findings(request)

response = HttpResponse(content_type='text/csv')
response['Content-Disposition'] = 'attachment; filename=findings.csv'

writer = csv.writer(response)

allowed_attributes = get_attributes()
excludes_list = get_excludes()
allowed_foreign_keys = get_attributes()
first_row = True

for finding in findings:
if first_row:
fields = []
for key in dir(finding):
if key not in get_excludes() and not callable(getattr(finding, key)) and not key.startswith('_'):
if key not in excludes_list and (not callable(getattr(finding, key)) or key in allowed_attributes) and not key.startswith('_'):
if callable(getattr(finding, key)) and key not in allowed_attributes:
continue
fields.append(key)
fields.append('test')
fields.append('found_by')
Expand All @@ -860,10 +867,16 @@ def csv_export(request):
if not first_row:
fields = []
for key in dir(finding):
if key not in get_excludes() and not callable(getattr(finding, key)) and not key.startswith('_'):
value = finding.__dict__.get(key)
if key in get_foreign_keys() and getattr(finding, key):
value = str(getattr(finding, key))
if key not in excludes_list and (not callable(getattr(finding, key)) or key in allowed_attributes) and not key.startswith('_'):
if not callable(getattr(finding, key)):
value = finding.__dict__.get(key)
if (key in allowed_foreign_keys or key in allowed_attributes) and getattr(finding, key):
if callable(getattr(finding, key)):
func = getattr(finding, key)
result = func()
value = result
else:
value = str(getattr(finding, key))
if value and isinstance(value, str):
value = value.replace('\n', ' NEWLINE ').replace('\r', '')
fields.append(value)
Expand Down Expand Up @@ -907,20 +920,23 @@ def csv_export(request):

def excel_export(request):
findings, obj = get_findings(request)

workbook = Workbook()
workbook.iso_dates = True
worksheet = workbook.active
worksheet.title = 'Findings'

font_bold = Font(bold=True)
allowed_attributes = get_attributes()
excludes_list = get_excludes()
allowed_foreign_keys = get_attributes()

row_num = 1
for finding in findings:
if row_num == 1:
col_num = 1
for key in dir(finding):
if key not in get_excludes() and not callable(getattr(finding, key)) and not key.startswith('_'):
if key not in excludes_list and (not callable(getattr(finding, key)) or key in allowed_attributes) and not key.startswith('_'):
if callable(getattr(finding, key)) and key not in allowed_attributes:
continue
cell = worksheet.cell(row=row_num, column=col_num, value=key)
cell.font = font_bold
col_num += 1
Expand Down Expand Up @@ -949,10 +965,16 @@ def excel_export(request):
if row_num > 1:
col_num = 1
for key in dir(finding):
if key not in get_excludes() and not callable(getattr(finding, key)) and not key.startswith('_'):
value = finding.__dict__.get(key)
if key in get_foreign_keys() and getattr(finding, key):
value = str(getattr(finding, key))
if key not in excludes_list and (not callable(getattr(finding, key)) or key in allowed_attributes) and not key.startswith('_'):
if not callable(getattr(finding, key)):
value = finding.__dict__.get(key)
if (key in allowed_foreign_keys or key in allowed_attributes) and getattr(finding, key):
if callable(getattr(finding, key)):
func = getattr(finding, key)
result = func()
value = result
else:
value = str(getattr(finding, key))
if value and isinstance(value, datetime):
value = value.replace(tzinfo=None)
worksheet.cell(row=row_num, column=col_num, value=value)
Expand Down
4 changes: 2 additions & 2 deletions helm/defectdojo/Chart.yaml
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
apiVersion: v2
appVersion: "2.24.3"
appVersion: "2.24.4"
description: A Helm chart for Kubernetes to install DefectDojo
name: defectdojo
version: 1.6.77
version: 1.6.78
icon: https://www.defectdojo.org/img/favicon.ico
maintainers:
- name: madchap
Expand Down
4 changes: 3 additions & 1 deletion readme-docs/DOCKER.md
Original file line number Diff line number Diff line change
Expand Up @@ -418,7 +418,9 @@ OpenSSL version: OpenSSL 1.0.1t 3 May 2016

In this case, both docker (version 17.09.0-ce) and docker-compose (1.18.0) need to be updated.

Follow [Dockers' documentation](https://docs.docker.com/install/) for your OS to get the latest version of Docker. For the docker command, most OSes have a built-in update mechanism like "apt upgrade".
**NOTE** - Docker Compose version 2.19.0 and greater includes syntax restrictions that are not compatible with our compose files. As a temporary workaround while a more complete solution is determined, please do not update docker compose to a version greater than 2.18.1.

Follow [Dockers' documentation](https://docs.docker.com/install/) for your OS to get the latest version of Docker* (see above Note). For the docker command, most OSes have a built-in update mechanism like "apt upgrade".

Docker Compose isn't packaged like Docker and you'll need to manually update an existing install if using Linux. For Linux, either follow the instructions in the [Docker Compose documentation](https://docs.docker.com/compose/install/) or use the shell script below. The script below will update docker-compose to the latest version automatically. You will need to make the script executable and have sudo privileges to upgrade docker-compose:

Expand Down

0 comments on commit 967bf1b

Please sign in to comment.