Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🎇 refactor sonarqube and add JSON parsing for api export #9734

Merged
merged 26 commits into from
Apr 3, 2024
Merged

🎇 refactor sonarqube and add JSON parsing for api export #9734

merged 26 commits into from
Apr 3, 2024

Conversation

manuel-sommer
Copy link
Contributor

@manuel-sommer manuel-sommer commented Mar 13, 2024
edited
Loading

@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Mar 13, 2024
edited
Loading

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

DryRun Security Status Findings
Sensitive Functions Analyzer 0 findings
Configured Sensitive Files Analyzer 0 findings
Sensitive Files Analyzer 0 findings

Note

🟢 Risk threshold not exceeded.

Tip

Get answers to your security questions. Add a comment in this PR starting with @DryRunSecurity. For example...

@dryrunsecurity What are common security issues with web application cookies?

Powered by DryRun Security

@manuel-sommer manuel-sommer marked this pull request as draft March 13, 2024 16:23
@manuel-sommer manuel-sommer marked this pull request as ready for review March 14, 2024 08:48
@github-actions github-actions bot added the docs label Mar 14, 2024
@manuel-sommer manuel-sommer requested a review from mtesauro March 14, 2024 19:08
@mtesauro
Copy link
Contributor

@manuel-sommer Thanks for the changes - probably shouldn't have tried to review this when I had so little time since I mis-read a couple of things in my hurry.

mtesauro
mtesauro approved these changes Mar 15, 2024
View reviewed changes
Copy link
Contributor

@mtesauro mtesauro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved

@manuel-sommer
Copy link
Contributor Author

Hi @mtesauro, could we merge this before the next release? I would appreciate it as I would need it. Only one review is pending.

@manuel-sommer
Copy link
Contributor Author

@cneill could you take a look here please?

cneill
cneill requested changes Mar 30, 2024
View reviewed changes
dojo/tools/sonarqube/parser.py Outdated Show resolved Hide resolved
dojo/tools/sonarqube/parser.py Outdated Show resolved Hide resolved
@manuel-sommer manuel-sommer requested a review from cneill March 30, 2024 00:20
@manuel-sommer
Copy link
Contributor Author

Hi @cneill, I changed the code according to your review, but I have no clue why ruff fails now. The references are right, but not detected from ruff.

@manuel-sommer manuel-sommer requested a review from cneill March 30, 2024 08:40
@manuel-sommer
Copy link
Contributor Author

Done, thank you for your input and review @cneill. 😄
It would be nice if you could merge it before the next release.

@mtesauro mtesauro merged commit f005661 into DefectDojo:dev Apr 3, 2024
121 checks passed
@manuel-sommer manuel-sommer deleted the rework_sonarqube branch April 3, 2024 15:10
manuel-sommer added a commit to manuel-sommer/django-DefectDojo that referenced this pull request Apr 3, 2024
@manuel-sommer
🎇 refactor sonarqube and add JSON parsing for api export (DefectDojo#…
4261783 
…9734)

* 🎇 refactor sonarqube and add JSON parsing for api export

* 🚧 start with api json

* continue work

* update

* update

* fix

* 🎉 also advance to support multiple files at once via zip due to pagination

* advance unittests

* advance documentation

* update documentation

* update documentation

* add tags to distinguish between findings

* :pencile: docs

* add cve

* add cwe

* add cvssscore

* 💄

* 🎉 add components

* add ghsa

* 🐛 fix for empty zip file

* empty json file

* fix documentation

* 🐛 fix for different message structure

* parse hotspots

* fix according to review

* ruff
hblankenship pushed a commit to hblankenship/django-DefectDojo that referenced this pull request Apr 26, 2024
@manuel-sommer @hblankenship
🎇 refactor sonarqube and add JSON parsing for api export (DefectDojo#…
93ae1f0 
…9734)

* 🎇 refactor sonarqube and add JSON parsing for api export

* 🚧 start with api json

* continue work

* update

* update

* fix

* 🎉 also advance to support multiple files at once via zip due to pagination

* advance unittests

* advance documentation

* update documentation

* update documentation

* add tags to distinguish between findings

* :pencile: docs

* add cve

* add cwe

* add cvssscore

* 💄

* 🎉 add components

* add ghsa

* 🐛 fix for empty zip file

* empty json file

* fix documentation

* 🐛 fix for different message structure

* parse hotspots

* fix according to review

* ruff
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@blakeaowens blakeaowens blakeaowens approved these changes

@Maffooch Maffooch Maffooch approved these changes

@mtesauro mtesauro mtesauro approved these changes

@cneill cneill cneill approved these changes

Assignees
No one assigned
Labels
docs parser unittests
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@manuel-sommer @mtesauro @cneill @Maffooch @blakeaowens