Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Finding Template: Correct save ordering #9088

Merged
merged 1 commit into from
Dec 1, 2023
Merged

Finding Template: Correct save ordering #9088

merged 1 commit into from
Dec 1, 2023

Conversation

Maffooch
Copy link
Contributor

@Maffooch Maffooch commented Dec 1, 2023

Corrects the order of object saves to prevent the following error:

Traceback (most recent call last):
  File "/usr/local/lib/python3.11/site-packages/django/core/handlers/exception.py", line 56, in inner
    response = get_response(request)
               ^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/django/core/handlers/base.py", line 197, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/dojo/authorization/authorization_decorators.py", line 45, in _wrapped
    return func(request, *args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/dojo/finding/views.py", line 2081, in add_template
    finding_helper.save_vulnerability_ids_template(
  File "/app/dojo/finding/helper.py", line 660, in save_vulnerability_ids_template
    Vulnerability_Id_Template(finding_template=finding_template, vulnerability_id=vulnerability_id).save()
  File "/usr/local/lib/python3.11/site-packages/django/db/models/base.py", line 768, in save
    self._prepare_related_fields_for_save(operation_name="save")
  File "/usr/local/lib/python3.11/site-packages/django/db/models/base.py", line 1079, in _prepare_related_fields_for_save
    raise ValueError(
ValueError: save() prohibited to prevent data loss due to unsaved related object 'finding_template'.

@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Dec 1, 2023

Contextual Security Analysis

As DryRun Security performs checks, we’ll summarize them here. You can always dive into the results in the section below for checks.

Status DryRun Security Check
Configured Sensitive Files Check
AI-powered Sensitive Files Check

Chat with your AI-powered Security Buddy by typing /dryrunsec: (or /drs:) followed by your question. Example: /dryrunsec: From a security perspective, what are some sensitive files in an Express application?

Install and configure more repositories at DryRun Security

mtesauro
mtesauro approved these changes Dec 1, 2023
View reviewed changes
Copy link
Contributor

@mtesauro mtesauro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved

@blakeaowens blakeaowens merged commit 35808ed into DefectDojo:dev Dec 1, 2023
118 checks passed
tpat13 pushed a commit to tpat13/django-DefectDojo that referenced this pull request Dec 4, 2023
@Maffooch @tpat13
Finding Template: Correct save ordering (DefectDojo#9088)
9ee0605
@Maffooch Maffooch deleted the template branch February 21, 2024 17:03
blakeaowens pushed a commit that referenced this pull request Feb 28, 2024
@tpat13 @devGregA
@cneill @dependabot @manuel-sommer @veneber @renovate @Maffooch @renejal @kiblik
Nosey Parker Parser (#9067)
18ff583 
* Created _init_.py

* Created parser.py

* Update README.md (#9048)

* Fixing README links and formatting (#9022)

* fixing up some links/etc

* formatting

* more formatting, links, etc

* formatting table HTML

* Fixing links

* typo

* formatting, links

* typo; adding Aaron Weaver to hall of fame

* reorganizing

* Bump python-gitlab from 3.15.0 to 4.2.0 (#9064)

Bumps [python-gitlab](https://github.com/python-gitlab/python-gitlab) from 3.15.0 to 4.2.0.
- [Release notes](https://github.com/python-gitlab/python-gitlab/releases)
- [Changelog](https://github.com/python-gitlab/python-gitlab/blob/main/CHANGELOG.md)
- [Commits](python-gitlab/python-gitlab@v3.15.0...v4.2.0)

---
updated-dependencies:
- dependency-name: python-gitlab
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump fontawesomefree from 6.4.2 to 6.5.0 (#9074)

Bumps [fontawesomefree](https://github.com/FortAwesome/Font-Awesome) from 6.4.2 to 6.5.0.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/6.x/CHANGELOG.md)
- [Commits](FortAwesome/Font-Awesome@6.4.2...6.5.0)

---
updated-dependencies:
- dependency-name: fontawesomefree
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* 🎉 added humble #8988 (#8989)

* 🎉 added humble

* fixed humble

* added endpoints

* fix according to comment

* fix according to review

* update

* added deduplication setting

* fix

* Bump social-auth-core from 4.5.0 to 4.5.1 (#9073)

Bumps [social-auth-core](https://github.com/python-social-auth/social-core) from 4.5.0 to 4.5.1.
- [Release notes](https://github.com/python-social-auth/social-core/releases)
- [Changelog](https://github.com/python-social-auth/social-core/blob/master/CHANGELOG.md)
- [Commits](python-social-auth/social-core@4.5.0...4.5.1)

---
updated-dependencies:
- dependency-name: social-auth-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Adding subcomponent labels for celery beat and worker (#9078)

* Update rabbitmq Docker tag from 3.12.9 to v3.12.10 (docker-compose.yml) (#9075)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update postgres:16.1-alpine Docker digest from 16.1 to 16.1-alpine (docker-compose.yml) (#9082)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update redis:7.2.3-alpine Docker digest from 7.2.3 to 7.2.3-alpine (docker-compose.yml) (#9083)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Bump boto3 from 1.29.7 to 1.33.5 (#9085)

Bumps [boto3](https://github.com/boto/boto3) from 1.29.7 to 1.33.5.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](boto/boto3@1.29.7...1.33.5)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump fontawesomefree from 6.5.0 to 6.5.1 (#9086)

Bumps [fontawesomefree](https://github.com/FortAwesome/Font-Awesome) from 6.5.0 to 6.5.1.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/6.x/CHANGELOG.md)
- [Commits](FortAwesome/Font-Awesome@6.5.0...6.5.1)

---
updated-dependencies:
- dependency-name: fontawesomefree
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add logging statement for failed password reset validation logic (#9087)

* Finding Template: Correct save ordering (#9088)

* Feature/parser jfrog xray binary scan (#9015)

* new parser Jfrog Xray on Demand Binary Scan

* new parser Jfrog Xray on Demand Binary Scan

* delete blank line at end of file

* rename function

* More sample reports

* Update docs/content/en/integrations/parsers/file/jfrog_xray_on_demand_binary_scan.md

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update docs/content/en/integrations/parsers/file/jfrog_xray_on_demand_binary_scan.md

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update docs/content/en/integrations/parsers/file/jfrog_xray_on_demand_binary_scan.md

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update dojo/settings/settings.dist.py

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update dojo/settings/settings.dist.py

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: kiblik <kiblik@gjh.sk>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: kiblik <kiblik@gjh.sk>

* First round of Improvements

* Drop duplicates in component_id and full_path

* Process per component

* Visual improvements

* Use+clean summary in Title, fix dedup, parse version, drop useless functions

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: kiblik <kiblik@gjh.sk>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: kiblik <kiblik@gjh.sk>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: kiblik <kiblik@gjh.sk>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: kiblik <kiblik@gjh.sk>

* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py

Co-authored-by: kiblik <kiblik@gjh.sk>

* fix test rename class

* Last Improvements and tests

* capitalization skills

---------

Co-authored-by: Tomas Kubla <tomas@kubla.sk>
Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
Co-authored-by: kiblik <kiblik@gjh.sk>

* Update postgres:16.1-alpine Docker digest from 16.1 to 16.1-alpine (docker-compose.yml) (#9089)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Nosey Parker Test Cases

* Updated Parser

* Bump cryptography from 41.0.5 to 41.0.7 (#9065)

Bumps [cryptography](https://github.com/pyca/cryptography) from 41.0.5 to 41.0.7.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@41.0.5...41.0.7)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* NoseyParker Parser Flake8 compliance

* NoseyParker fix for 0.16

* JSON lines fix

* Nosey Parker Parser: v0.16 fix

* Comma for consistency

* Flake8 requirements

* Update docs/content/en/integrations/parsers/file/noseyparker.md

* Update dojo/tools/noseyparker/parser.py

* Update docs/content/en/integrations/parsers/file/noseyparker.md

* Removed example JSONL file

* Add link to 0.16.0 Release

* Spacing

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Greg Anderson <greg.anderson@owasp.org>
Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: manuelsommer <47991713+manuel-sommer@users.noreply.github.com>
Co-authored-by: Manuel Venega <127304555+veneber@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Cody Maffucci <46459665+Maffooch@users.noreply.github.com>
Co-authored-by: renejal <40049733+renejal@users.noreply.github.com>
Co-authored-by: Tomas Kubla <tomas@kubla.sk>
Co-authored-by: kiblik <kiblik@gjh.sk>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@blakeaowens blakeaowens blakeaowens approved these changes

@mtesauro mtesauro mtesauro approved these changes

@cneill cneill cneill approved these changes

@grendel513 grendel513 grendel513 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@Maffooch @grendel513 @cneill @mtesauro @blakeaowens