django-DefectDojo

:sparkles: merge veracode

Open manuel-sommer opened this issue 1 year ago • 6 comments

merge veracode source clear with veracode

manuel-sommer avatar Feb 02 '24 13:02 manuel-sommer

Contextual Security Analysis

As DryRun Security performs checks, we’ll summarize them here. You can always dive into the detailed results in the section below for checks.

Status DryRun Security Check
Sensitive Functions Analyzer
Configured Sensitive Files Analyzer
Sensitive Files Analyzer

Chat with your AI-powered Security Buddy by typing @dryrunsecurity followed by your question into a comment. Example: @dryrunsecurity What are common security issues with web application cookies?

Install and configure more repositories at DryRun Security

dryrunsecurity[bot] avatar Feb 02 '24 13:02 dryrunsecurity[bot]

@Maffooch, the unittests with "fixtures = ['dojo_testdata.json']" fail because dojo_testdata.json contains Veracode Scan, but I don't know the real cause why it fails. What do I have to do to fix the unittests?

manuel-sommer avatar Feb 04 '24 16:02 manuel-sommer

I think the failing tests could be related to the creation of the Veracode Scan test type in the migration

Also curious about the Veracode SourceClear Scan that is being referenced in the migration, but not anywhere else in the code

Maffooch avatar Feb 06 '24 22:02 Maffooch

> I think the failing tests could be related to the creation of the Veracode Scan test type in the migration

Then, I will just fix the failing tests.

> Also curious about the Veracode SourceClear Scan that is being referenced in the migration, but not anywhere else in the code

The Veracode Source Clear Scan is in the migration as the existing Veracode Source Clear Scan parser is migrated to Veracode Scan to have one parser for the vendor Veracode with multiple scanners. This is also what I have done in the past with e.g. OpenVAS CSV and OpenVAS XML or Clair Klar Scan and Clair Scan.

manuel-sommer avatar Feb 07 '24 07:02 manuel-sommer

@Maffooch or @kiblik, could you please help here? I am completely stuck on how to resolve the unittest problem here.

manuel-sommer avatar Feb 11 '24 22:02 manuel-sommer

@manuel-sommer I do not see anything glaringly obvious here. I can try to make some time in the future to pull this down and just play around with it, but I cannot make a strong commitment to that.

Maffooch avatar Feb 20 '24 17:02 Maffooch

Shall I close this PR @mtesauro because of https://github.com/DefectDojo/django-DefectDojo/discussions/9690 ?

manuel-sommer avatar Mar 07 '24 19:03 manuel-sommer