Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add logging statement for failed password reset validation logic #9087

Merged
merged 1 commit into from
Dec 1, 2023
Merged

Add logging statement for failed password reset validation logic #9087

merged 1 commit into from
Dec 1, 2023

Conversation

Maffooch
Copy link
Contributor

@Maffooch Maffooch commented Dec 1, 2023

Add some error logging to SMTP server failures when attempting to reset user password

[01/Dec/2023 03:15:20] ERROR [dojo.user.views:647] SMTP Server Connection Failure: [Errno 111] Connection refused

@github-actions github-actions bot added the docker label Dec 1, 2023
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Dec 1, 2023

Contextual Security Analysis

As DryRun Security performs checks, we’ll summarize them here. You can always dive into the results in the section below for checks.

Status DryRun Security Check
Configured Sensitive Files Check
AI-powered Sensitive Files Check

Chat with your AI-powered Security Buddy by typing /dryrunsec: (or /drs:) followed by your question. Example: /dryrunsec: From a security perspective, what are some sensitive files in an Express application?

Install and configure more repositories at DryRun Security

mtesauro
mtesauro approved these changes Dec 1, 2023
View reviewed changes
Copy link
Contributor

@mtesauro mtesauro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved

@devGregA devGregA merged commit 5857833 into DefectDojo:dev Dec 1, 2023
118 checks passed
tpat13 pushed a commit to tpat13/django-DefectDojo that referenced this pull request Dec 4, 2023
@Maffooch @tpat13
Add logging statement for failed password reset validation logic (Def…
cd83b00 
…ectDojo#9087)
@Maffooch Maffooch deleted the log branch February 6, 2024 21:10
blakeaowens pushed a commit that referenced this pull request Feb 28, 2024
@tpat13 @devGregA
@cneill @dependabot @manuel-sommer @veneber @renovate @Maffooch @renejal @kiblik
Nosey Parker Parser (#9067)
18ff583 
* Created _init_.py

* Created parser.py

* Update README.md (#9048)

* Fixing README links and formatting (#9022)

* fixing up some links/etc

* formatting

* more formatting, links, etc

* formatting table HTML

* Fixing links

* typo

* formatting, links

* typo; adding Aaron Weaver to hall of fame

* reorganizing

* Bump python-gitlab from 3.15.0 to 4.2.0 (#9064)

Bumps [python-gitlab](https://github.com/python-gitlab/python-gitlab) from 3.15.0 to 4.2.0.
- [Release notes](https://github.com/python-gitlab/python-gitlab/releases)
- [Changelog](https://github.com/python-gitlab/python-gitlab/blob/main/CHANGELOG.md)
- [Commits](python-gitlab/python-gitlab@v3.15.0...v4.2.0)

---
updated-dependencies:
- dependency-name: python-gitlab
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump fontawesomefree from 6.4.2 to 6.5.0 (#9074)

Bumps [fontawesomefree](https://github.com/FortAwesome/Font-Awesome) from 6.4.2 to 6.5.0.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/6.x/CHANGELOG.md)
- [Commits](FortAwesome/Font-Awesome@6.4.2...6.5.0)

---
updated-dependencies:
- dependency-name: fontawesomefree
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* 🎉 added humble #8988 (#8989)

* 🎉 added humble

* fixed humble

* added endpoints

* fix according to comment

* fix according to review

* update

* added deduplication setting

* fix

* Bump social-auth-core from 4.5.0 to 4.5.1 (#9073)

Bumps [social-auth-core](https://github.com/python-social-auth/social-core) from 4.5.0 to 4.5.1.
- [Release notes](https://github.com/python-social-auth/social-core/releases)
- [Changelog](https://github.com/python-social-auth/social-core/blob/master/CHANGELOG.md)
- [Commits](python-social-auth/social-core@4.5.0...4.5.1)

---
updated-dependencies:
- dependency-name: social-auth-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Adding subcomponent labels for celery beat and worker (#9078)

* Update rabbitmq Docker tag from 3.12.9 to v3.12.10 (docker-compose.yml) (#9075)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update postgres:16.1-alpine Docker digest from 16.1 to 16.1-alpine (docker-compose.yml) (#9082)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update redis:7.2.3-alpine Docker digest from 7.2.3 to 7.2.3-alpine (docker-compose.yml) (#9083)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Bump boto3 from 1.29.7 to 1.33.5 (#9085)

Bumps [boto3](https://github.com/boto/boto3) from 1.29.7 to 1.33.5.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](boto/boto3@1.29.7...1.33.5)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump fontawesomefree from 6.5.0 to 6.5.1 (#9086)

Bumps [fontawesomefree](https://github.com/FortAwesome/Font-Awesome) from 6.5.0 to 6.5.1.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/6.x/CHANGELOG.md)
- [Commits](FortAwesome/Font-Awesome@6.5.0...6.5.1)

---
updated-dependencies:
- dependency-name: fontawesomefree
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add logging statement for failed password reset validation logic (#9087)

* Finding Template: Correct save ordering (#9088)

* Feature/parser jfrog xray binary scan (#9015)

* new parser Jfrog Xray on Demand Binary Scan

* new parser Jfrog Xray on Demand Binary Scan

* delete blank line at end of file

* rename function

* More sample reports

* Update docs/content/en/integrations/parsers/file/jfrog_xray_on_demand_binary_scan.md

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update docs/content/en/integrations/parsers/file/jfrog_xray_on_demand_binary_scan.md

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update docs/content/en/integrations/parsers/file/jfrog_xray_on_demand_binary_scan.md

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update dojo/settings/settings.dist.py

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update dojo/settings/settings.dist.py

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: kiblik <kiblik@gjh.sk>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: kiblik <kiblik@gjh.sk>

* First round of Improvements

* Drop duplicates in component_id and full_path

* Process per component

* Visual improvements

* Use+clean summary in Title, fix dedup, parse version, drop useless functions

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: kiblik <kiblik@gjh.sk>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: kiblik <kiblik@gjh.sk>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: kiblik <kiblik@gjh.sk>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: kiblik <kiblik@gjh.sk>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: kiblik <kiblik@gjh.sk>

* fix test rename class

* Last Improvements and tests

* capitalization skills

---------

Co-authored-by: Tomas Kubla <tomas@kubla.sk>
Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
Co-authored-by: kiblik <kiblik@gjh.sk>

* Update postgres:16.1-alpine Docker digest from 16.1 to 16.1-alpine (docker-compose.yml) (#9089)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Nosey Parker Test Cases

* Updated Parser

* Bump cryptography from 41.0.5 to 41.0.7 (#9065)

Bumps [cryptography](https://github.com/pyca/cryptography) from 41.0.5 to 41.0.7.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@41.0.5...41.0.7)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* NoseyParker Parser Flake8 compliance

* NoseyParker fix for 0.16

* JSON lines fix

* Nosey Parker Parser: v0.16 fix

* Comma for consistency

* Flake8 requirements

* Update docs/content/en/integrations/parsers/file/noseyparker.md

* Update dojo/tools/noseyparker/parser.py

* Update docs/content/en/integrations/parsers/file/noseyparker.md

* Removed example JSONL file

* Add link to 0.16.0 Release

* Spacing

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Greg Anderson <greg.anderson@owasp.org>
Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: manuelsommer <47991713+manuel-sommer@users.noreply.github.com>
Co-authored-by: Manuel Venega <127304555+veneber@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Cody Maffucci <46459665+Maffooch@users.noreply.github.com>
Co-authored-by: renejal <40049733+renejal@users.noreply.github.com>
Co-authored-by: Tomas Kubla <tomas@kubla.sk>
Co-authored-by: kiblik <kiblik@gjh.sk>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@devGregA devGregA devGregA approved these changes

@mtesauro mtesauro mtesauro approved these changes

@cneill cneill cneill approved these changes

@grendel513 grendel513 grendel513 approved these changes

Assignees
No one assigned
Labels
docker
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@Maffooch @grendel513 @cneill @mtesauro @devGregA