fix(init): Initialzer has to fail if migration is not done#13754
Bumps [pillow](https://github.com/python-pillow/Pillow) from 11.3.0 to 12.0.0. - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](python-pillow/Pillow@11.3.0...12.0.0) --- updated-dependencies: - dependency-name: pillow dependency-version: 12.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* tag based filtering: avoid duplicate rows in results * tag based filtering: avoid duplicate rows in results * improvements
…efectDojo#13428) Co-authored-by: rseleven <rseleven@github.com>
…13447) * fix(serializers): Update DojoGroupSerializer to handle empty permissions list * Accommodate the UserSerializer as well
* findings-report-api: fix 404 errors * findings-report-api: fix 404 errors
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.14.0 to 0.14.1. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@0.14.0...0.14.1) --- updated-dependencies: - dependency-name: ruff dependency-version: 0.14.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [boto3](https://github.com/boto/boto3) from 1.40.53 to 1.40.54. - [Release notes](https://github.com/boto/boto3/releases) - [Commits](boto/boto3@1.40.53...1.40.54) --- updated-dependencies: - dependency-name: boto3 dependency-version: 1.40.54 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…g with kroki (DefectDojo#13456) * Replace webhook state transition diagram with PNG instead of rendering with kroki * Apply suggestion from @Maffooch
Co-authored-by: Ross E Esposito <ross@defectdojo.com>
* Update wiz.md * update changelog * update wiz parser * correct changelog entry --------- Co-authored-by: Paul Osinski <paul.m.osinski@gmail.com> Co-authored-by: Matt Tesauro <mtesauro@gmail.com>
* Update wiz.md * add Anchore Connector documentation --------- Co-authored-by: Paul Osinski <paul.m.osinski@gmail.com>
…rics Fix incorrect (inflated) numbers in top 10 metrics
* deduplication: add more importer unit tests * deduplication: add more importer unit tests * uncomment tests * add more assessments
…efectDojo#13460) * view_finding: show unique_id_from_tool with hash_code * view_finding: show unique_id_from_tool with hash_code
…13464) * deduplication logic: add missing tests * deduplication logic: add docs * deduplication logic: add docs
Bumps [python-gitlab](https://github.com/python-gitlab/python-gitlab) from 6.4.0 to 6.5.0. - [Release notes](https://github.com/python-gitlab/python-gitlab/releases) - [Changelog](https://github.com/python-gitlab/python-gitlab/blob/main/CHANGELOG.md) - [Commits](python-gitlab/python-gitlab@v6.4.0...v6.5.0) --- updated-dependencies: - dependency-name: python-gitlab dependency-version: 6.5.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [boto3](https://github.com/boto/boto3) from 1.40.54 to 1.40.55. - [Release notes](https://github.com/boto/boto3/releases) - [Commits](boto/boto3@1.40.54...1.40.55) --- updated-dependencies: - dependency-name: boto3 dependency-version: 1.40.55 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: kiblik <5609770+kiblik@users.noreply.github.com>
This pull request leaves the entrypoint script continuing startup even when migrations are missing — it sets a non-zero return code but proceeds with initialization and only exits later, which can let the app run against an outdated schema and risk security or data integrity issues. The problematic logic is in docker/entrypoint-initializer.sh (lines ~135–138) where missing migrations are reported but startup is not halted immediately.
Improper Error Handling of Missing Migrations in
| Vulnerability | Improper Error Handling of Missing Migrations |
|---|---|
| Description | The script detects missing database migrations and sets a return code of 52. However, it explicitly states 'Continuing startup despite missing migrations...' and proceeds with further initialization steps before eventually exiting with the non-zero return code. This allows the application to attempt to start and potentially run in an inconsistent state with an outdated database schema. If recent migrations included security-critical changes (e.g., new access control mechanisms, validation constraints, or data integrity rules), their absence could lead to exploitable security vulnerabilities. |
django-DefectDojo/docker/entrypoint-initializer.sh, lines 135 to 138 in defd3d4
All finding details can be found in the DryRun Security Dashboard.
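To make the difference between the two behaviours concrete, here is an added shell example (not DefectDojo's own entrypoint-initializer.sh) that contrasts the deferred-exit pattern the finding describes with a fail-fast gate; the migration check command is passed in as an argument and stands in for the project's real check (Django's `manage.py makemigrations --check` is the usual one), so the example runs offline.

```shell
# Added example, not the project's entrypoint script. The check command is an
# assumption passed as "$@" so that it can be swapped for the real one.
MIGRATION_MISSING_RC=52   # the return code discussed in this PR

# Run the migration check; return 52 if models and migrations are out of sync.
check_migrations() {
  if "$@"; then
    return 0
  fi
  echo "ERROR: model changes without migrations detected." >&2
  echo "Run 'manage.py makemigrations', commit the result, then restart." >&2
  return "$MIGRATION_MISSING_RC"
}

# Deferred-exit pattern (what the finding criticises): the code is remembered,
# but later schema-dependent steps still run against the outdated schema.
initializer_deferred() {
  deferred_rc=0
  check_migrations "$@" || deferred_rc=$?
  echo "fixtures-loaded"          # still executes despite the failed check
  return "$deferred_rc"
}

# Fail-fast pattern: stop before any step that depends on the schema.
initializer_failfast() {
  check_migrations "$@" || return $?
  echo "fixtures-loaded"          # only reached when the check passed
}
```

Pass `false` as the check command to simulate a missing migration and `true` to simulate a clean state.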
valentijnscholten
left a comment
I think it has always been a warning. Then I made it stricter at some point. Then during this PR I think I realized users are locked out if they make changes but can no longer start Defect Dojo anymore to run makemigrations. Now would probably be a good time to add to the DOCKER.md how users (developers) can make new migrations. I think we still need to do something like starting uwsgi and postgres with --no-deps.
I'm not sure about starting uwsgi. It easily creates confusion: why is the service started but failing with some unrelated error? The user will see that the UI is not able to access a non-existent field, not that he did not perform the migration. What about extending
We need to provide instructions to users/developers on how to create a migration. It's not clear currently.
I have been bit by this before, and my solution was to back out my model changes, start the app, reapply changes, and then make the new migrations. I'm not quite sure how to capture that in documentation.
What I do is
^ that is better advice! It should be included in the docs somewhere before we can move forward on this one.
Converting to draft for now.
This pull request has conflicts, please resolve those before we can evaluate the pull request.
Since #13169, we are avoiding failure of docker/entrypoint-initializer.sh, which is understandable in the related context; however, it is not the best behavior. If migration is missing, we should exit with some error code; otherwise, it is easy to miss bugs in implementation.