feat: add property to control Verified flag in DefectDojo integration

Open Malaydewangan09 opened this issue 1 year ago • 2 comments

Description

Added a new configurable property to manage the "Verified" flag in DefectDojo integration. This allows users to control whether or not the "Verified" flag should be set when uploading findings to DefectDojo.

Addressed Issue

Addresses issue #3389.

Additional Details

Checklist

  • [x] I have read and understand the contributing guidelines
  • [ ] This PR fixes a defect, and I have provided tests to verify that the fix is effective
  • [ ] This PR implements an enhancement, and I have provided tests to verify that it works as intended
  • [ ] This PR introduces changes to the database model, and I have added corresponding update logic
  • [ ] This PR introduces new or alters existing behavior, and I have updated the documentation accordingly

Malaydewangan09 avatar Oct 17 '24 15:10 Malaydewangan09

I like the feature. But all Defect Dojo settings are currently in the UI/API, shouldn't this one be in the UI/API as well?

valentijnscholten avatar Oct 19 '24 16:10 valentijnscholten

@valentijnscholten, I couldn't get it. Could you please brief it once? Thanks!

Malaydewangan09 avatar Oct 19 '24 17:10 Malaydewangan09

I mean the setting should go here:

For global/default value:

image

For per project value/override:

image

Docs of current integration: https://docs.dependencytrack.org/integrations/defectdojo/

valentijnscholten avatar Oct 21 '24 12:10 valentijnscholten

Hey @nscuro @msymons, can you please check this once? Thanks!

Malaydewangan09 avatar Oct 24 '24 12:10 Malaydewangan09

Thanks @nscuro I'll update these in a bit.

Malaydewangan09 avatar Oct 26 '24 17:10 Malaydewangan09

Hey @nscuro, I have updated the changes. Please check once. Thanks!

Malaydewangan09 avatar Oct 26 '24 18:10 Malaydewangan09

Coverage summary from Codacy

| Coverage variation | Diff coverage |
| --- | --- |
| :white_check_mark: -0.05% (target: -1.00%) | :white_check_mark: 90.00% (target: 70.00%) |

Coverage variation details

| | Coverable lines | Covered lines | Coverage |
| --- | --- | --- | --- |
| Common ancestor commit (1df119ee9fe9b97d084e91d02fa58ebd780d2dcc) | 22549 | 17853 | 79.17% |
| Head commit (23ddec3a95f476c2ca12c1001087eae92ced3efb) | 22542 (-7) | 17837 (-16) | 79.13% (-0.05%) |

Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: <coverage of head commit> - <coverage of common ancestor commit>

Diff coverage details

| | Coverable lines | Covered lines | Diff coverage |
| --- | --- | --- | --- |
| Pull request (#4273) | 10 | 9 | 90.00% |

Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: <covered lines added or modified>/<coverable lines added or modified> * 100%


Codacy stopped sending the deprecated coverage status on June 5th, 2024.

codacy-production[bot] avatar Oct 26 '24 18:10 codacy-production[bot]