fix: update Qualys parser to support port-based findings #14288
ArnaavSinghSandhu wants to merge 10000 commits into DefectDojo:dev from
@ArnaavSinghSandhu something I had not considered sooner is that what happens to existing qualys findings after this parser change? Would the endpoint from previous imports still continue to be matched, or would they be marked as mitigated, and new endpoints with ports be created?
That's a good point, @Maffooch. Since the endpoint string is changing from just the IP to IP:Port, DefectDojo will indeed treat them as new EndPoint objects. On the next import: The old Endpoints (IP only) will likely be marked as mitigated because they are no longer present in the scan file in that exact format. The new Endpoints (IP:Port) will be created. However, because we removed endpoints from the get_dedupe_fields (as per your request), the Findings themselves will not duplicate. They will simply point to the new, more accurate endpoints.
This pull request has conflicts, please resolve those before we can evaluate the pull request.
This PR replaces #14269
Changes:
Rebased: The branch is now fully up to date with the latest dev branch.
Parser Update: Improved port extraction logic in the Qualys parser.
Deduplication: As requested by @Maffooch, I have removed endpoints and port from the get_dedupe_fields list to maintain the existing deduplication behavior while still improving the data extraction.
Formatting: Ran ruff to ensure all linting and formatting follow the project's style guide.
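To make the endpoint-versus-finding distinction in the discussion above concrete, here is an added illustration (not DefectDojo's own parser or deduplication code) of what happens when an IP-only endpoint from an earlier import is re-imported as IP:Port. The finding records, the endpoint_key helper and the simplified hash-based matching are constructed for this example; it shows why keeping endpoints in the dedupe fields would re-create every finding, while dropping them lets the finding match and only the endpoint change.

```python
import hashlib

# Constructed sample records standing in for the same Qualys finding parsed by
# the old (IP-only) parser and by the port-aware parser on the next scan.
OLD_IMPORT = [
    {"title": "TLS 1.0 enabled", "cwe": 326, "host": "10.0.0.5", "port": None},
]
NEW_IMPORT = [
    {"title": "TLS 1.0 enabled", "cwe": 326, "host": "10.0.0.5", "port": 443},
    {"title": "TLS 1.0 enabled", "cwe": 326, "host": "10.0.0.5", "port": 8443},
]


def endpoint_key(finding):
    """Endpoint identity string: IP only, or IP:Port when a port was extracted."""
    host, port = finding["host"], finding["port"]
    return f"{host}:{port}" if port is not None else host


def dedupe_hash(finding, fields):
    """Hash the configured dedupe fields (simplified stand-in for hash-code dedupe)."""
    parts = []
    for field in fields:
        if field == "endpoints":
            parts.append(endpoint_key(finding))
        else:
            parts.append(str(finding[field]))
    return hashlib.sha256("|".join(parts).encode()).hexdigest()


def reconcile(old_findings, new_findings, fields):
    """Compare two imports by dedupe hash and classify each finding.

    'matched' findings persist, 'mitigated' ones vanished from the new scan,
    'created' ones are new; endpoints are tracked separately from findings.
    """
    old = {dedupe_hash(f, fields): f for f in old_findings}
    new = {dedupe_hash(f, fields): f for f in new_findings}
    return {
        "matched": sorted(old.keys() & new.keys()),
        "mitigated": sorted(old.keys() - new.keys()),
        "created": sorted(new.keys() - old.keys()),
        "endpoints_before": sorted({endpoint_key(f) for f in old_findings}),
        "endpoints_after": sorted({endpoint_key(f) for f in new_findings}),
    }


if __name__ == "__main__":
    # With endpoints in the dedupe fields the IP:Port rows look like new findings.
    print(reconcile(OLD_IMPORT, NEW_IMPORT, ["title", "cwe", "endpoints"]))
    # Without endpoints the finding matches; only its endpoint set changes.
    print(reconcile(OLD_IMPORT, NEW_IMPORT, ["title", "cwe"]))
```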