Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🎉 Add CGA vulnid #11441

Merged
merged 1 commit into from
Dec 27, 2024
Merged

🎉 Add CGA vulnid #11441

merged 1 commit into from
Dec 27, 2024

Conversation

manuel-sommer
Copy link
Contributor

No description provided.

@github-actions github-actions bot added the settings_changes Needs changes to settings.py based on changes in settings.dist.py included in this PR label Dec 19, 2024
@dryrunsecurity DryRunSecurity
Copy link

DryRun Security Summary

The pull request updates the DefectDojo application's settings to add new vulnerability URL mappings and file upload types, enhancing the application's ability to provide comprehensive vulnerability information.

Expand for full summary

Summary:

The code changes in this pull request primarily focus on updating the settings.dist.py file for the DefectDojo application. The key changes include the addition of new vulnerability URL mappings for various vulnerability identifiers (e.g., CVE, GHSA, OSV, PYSEC, etc.) and the addition of a new vulnerability URL mapping for "CGA" (Chainguard Advisory). This allows the application to provide direct links to vulnerability information, which can be helpful for users to quickly access more details about the identified vulnerabilities. Additionally, the update to the FILE_UPLOAD_TYPES setting to include the ".cga" file extension suggests the application may be able to handle or process Chainguard Advisory files. Overall, these changes appear to be focused on improving the application's ability to provide more comprehensive vulnerability information to users by incorporating additional vulnerability data sources and advisory links, which can enhance the application's security capabilities.

Files Changed:

  • dojo/settings/settings.dist.py: This file has been updated to add new vulnerability URL mappings for various vulnerability identifiers, including CVE, GHSA, OSV, PYSEC, and CGA (Chainguard Advisory). The changes also include an update to the FILE_UPLOAD_TYPES setting to include the ".cga" file extension, suggesting the application may be able to handle or process Chainguard Advisory files.

Code Analysis

We ran 9 analyzers against 1 file and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

@manuel-sommer manuel-sommer changed the title 🎉 added CGA vulnid 🎉 Add CGA vulnid Dec 19, 2024
mtesauro
mtesauro approved these changes Dec 26, 2024
View reviewed changes
Copy link
Contributor

@mtesauro mtesauro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved

@mtesauro mtesauro merged commit 8a215b2 into DefectDojo:bugfix Dec 27, 2024
72 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Maffooch Maffooch Maffooch approved these changes

@mtesauro mtesauro mtesauro approved these changes

@cneill cneill cneill approved these changes

@grendel513 grendel513 grendel513 approved these changes

Assignees
No one assigned
Labels
settings_changes Needs changes to settings.py based on changes in settings.dist.py included in this PR
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@manuel-sommer @grendel513 @cneill @mtesauro @Maffooch