django-DefectDojo icon indicating copy to clipboard operation
django-DefectDojo copied to clipboard
verified publisher icon DefectDojo

Wizcli improvements

Open OsamaMahmood opened this issue 7 months ago • 7 comments

Description

  1. Core Functionality:
  • Implemented a robust parsing system for different types of Wiz CLI scan results:
    • Library vulnerabilities
    • Secrets detection
    • OS package vulnerabilities
    • Infrastructure as Code (IaC) rule matches
  1. Deduplication Improvements:
  • Enhanced the _generate_unique_id method to ensure consistent finding deduplication using unique_id_from_tool:
    • Now uses sorted components for stable hash generation
    • Properly handles None values and whitespace
    • Fixed docstring formatting and code style issues
    • Components are now consistently ordered regardless of input order

Checklist

This checklist is for your information.

  • [x] Make sure to rebase your PR against the very latest dev.
  • [ ] Features/Changes should be submitted against the dev.
  • [x] Bugfixes should be submitted against the bugfix branch.
  • [x] Give a meaningful name to your PR, as it may end up being used in the release notes.
  • [x] Your code is flake8 compliant.
  • [x] Your code is python 3.11 compliant.
  • [ ] If this is a new feature and not a bug fix, you've included the proper documentation in the docs at https://github.com/DefectDojo/django-DefectDojo/tree/dev/docs as part of this PR.
  • [ ] Model changes must include the necessary migrations in the dojo/db_migrations folder.
  • [ ] Add applicable tests to the unit tests.
  • [ ] Add the proper label to categorize your PR.

OsamaMahmood avatar May 14 '25 13:05 OsamaMahmood