django-DefectDojo

Estimated remediation date

Open 37b opened this issue 2 years ago • 14 comments

This PR adds a new field to the Finding model to store the Planned Remediation Date. This is used to track progress towards remediation and to indicate to security teams that the Finding is being triaged. This is useful to organizations without Jira.

37b avatar May 14 '22 17:05 37b

Closing while I read more on migrations

37b avatar May 16 '22 18:05 37b

I am still trying to figure out the best way to get the migration file from the container to version control. I don't expect this PR will be completed, but am looking for feedback on the change and the approach.

37b avatar May 17 '22 18:05 37b

@37b If you are using the dev environment, then the working directory is bind mounted. Once you make the migrations from the uwsgi container, it will also be created on the host machine and be in version control.

For this PR though, there are a few extra fields in the migration, and I am not sure how they made it in. Beyond that, and some of the formatting changes, the PR looks good overall!

Maffooch avatar May 21 '22 00:05 Maffooch

@cody-m-tibco

Thanks for the info. I was having trouble running locally and knew it was related to the M1 Mac (ARM) but didn't have time to look into a fix. It was pretty simple - just needed to add profile: linux/amd64 to the compose file. I'll redo the migrations and fix failing tests.

37b avatar May 21 '22 01:05 37b

@cody-m-tibco Are some of these tests broken overall? I can't get them to pass using a clean dev branch.

37b avatar May 27 '22 20:05 37b

@37b I looked at each of the failing tests and it is the same test at each level that is failing. It is when creating a finding manually. I imagine Selenium is getting hung up on the extra field on the page. You can run the tests manually by following this guide.

I also recommend commenting out this line to see where the hang-up is directly on the page.

Maffooch avatar May 27 '22 20:05 Maffooch

@Maffooch Thanks for your help with the tests - I am still getting my bearings with Django development.

37b avatar May 28 '22 03:05 37b

This pull request has conflicts, please resolve those before we can evaluate the pull request.

github-actions[bot] avatar Jun 21 '22 03:06 github-actions[bot]

Conflicts have been resolved. A maintainer will review the pull request shortly.

github-actions[bot] avatar Jun 27 '22 18:06 github-actions[bot]

@37b targeting next release for getting this merged. Thank you for your PR!

devGregA avatar Jun 28 '22 17:06 devGregA

This pull request has conflicts, please resolve those before we can evaluate the pull request.

github-actions[bot] avatar Jul 26 '22 17:07 github-actions[bot]

Conflicts have been resolved. A maintainer will review the pull request shortly.

github-actions[bot] avatar Jul 27 '22 12:07 github-actions[bot]

@StefanFl @Maffooch Finally got this going, can you give it another look?

37b avatar Sep 20 '22 18:09 37b

Looks okay to me after the compose file is removed from the commit.

@StefanFl what do you think?

Maffooch avatar Sep 21 '22 02:09 Maffooch