Merge pull request DefectDojo#9893 from DefectDojo/release/2.33.1

Release: Merge release into master from: release/2.33.1

Author: Maffooch

.github/workflows/fetch-oas.yml

@@ -33,7 +33,7 @@ jobs:
              docker images
 
       - name: Start Dojo
-        run: docker-compose --profile postgres-redis --env-file ./docker/environments/postgres-redis.env up --no-deps -d postgres nginx uwsgi
+        run: docker compose --profile postgres-redis --env-file ./docker/environments/postgres-redis.env up --no-deps -d postgres nginx uwsgi
         env:
           DJANGO_VERSION: ${{ env.release_version }}-alpine
           NGINX_VERSION: ${{ env.release_version }}-alpine
@@ -44,11 +44,11 @@ jobs:
 
       - name: Logs
         if: always()
-        run: docker-compose --profile postgres-redis --env-file ./docker/environments/postgres-redis.env logs --tail="2500"
+        run: docker compose --profile postgres-redis --env-file ./docker/environments/postgres-redis.env logs --tail="2500"
 
       - name: Shutdown
         if: always()
-        run: docker-compose --profile postgres-redis --env-file ./docker/environments/postgres-redis.env down
+        run: docker compose --profile postgres-redis --env-file ./docker/environments/postgres-redis.env down
 
       - name: Upload oas.${{ matrix.file-type }} as artifact
         uses:  actions/upload-artifact@v3

.github/workflows/integration-tests.yml

@@ -5,7 +5,7 @@ on:
 
 jobs:
   integration_tests:
-    # run tests with docker-compose
+    # run tests with docker compose
     name: User Interface Tests
     runs-on: ubuntu-latest
     strategy:
@@ -61,34 +61,34 @@ jobs:
       # phased startup with MySQL and RabbitMQ so we can use the exit code from integrationtest container
       - name: Start Dojo MySQL + RabbitMQ
         if: matrix.profile == 'mysql-rabbitmq'
-        run: docker-compose --profile ${{ matrix.profile }} --env-file ./docker/environments/${{ matrix.profile }}.env up --no-deps -d mysql nginx celerybeat celeryworker mailhog uwsgi rabbitmq
+        run: docker compose --profile ${{ matrix.profile }} --env-file ./docker/environments/${{ matrix.profile }}.env up --no-deps -d mysql nginx celerybeat celeryworker mailhog uwsgi rabbitmq
         env:
           DJANGO_VERSION: ${{ matrix.os }}
           NGINX_VERSION: ${{ matrix.os }}
 
       - name: Start Dojo PostgreSQL + Redis
         if: matrix.profile == 'postgres-redis'
-        run: docker-compose --profile ${{ matrix.profile }} --env-file ./docker/environments/${{ matrix.profile }}.env up --no-deps -d postgres nginx celerybeat celeryworker mailhog uwsgi redis
+        run: docker compose --profile ${{ matrix.profile }} --env-file ./docker/environments/${{ matrix.profile }}.env up --no-deps -d postgres nginx celerybeat celeryworker mailhog uwsgi redis
         env:
           DJANGO_VERSION: ${{ matrix.os }}
           NGINX_VERSION: ${{ matrix.os }}
 
       - name: Initialize
-        run: docker-compose --profile ${{ matrix.profile }} --env-file ./docker/environments/${{ matrix.profile }}.env up --no-deps --exit-code-from initializer initializer
+        run: docker compose --profile ${{ matrix.profile }} --env-file ./docker/environments/${{ matrix.profile }}.env up --no-deps --exit-code-from initializer initializer
         env:
           DJANGO_VERSION: ${{ matrix.os }}
           NGINX_VERSION: ${{ matrix.os }}
 
       - name: Integration tests
-        run: docker-compose --profile ${{ matrix.profile }} --env-file ./docker/environments/${{ matrix.profile }}.env up --no-deps --exit-code-from integration-tests integration-tests
+        run: docker compose --profile ${{ matrix.profile }} --env-file ./docker/environments/${{ matrix.profile }}.env up --no-deps --exit-code-from integration-tests integration-tests
         env:
           DD_INTEGRATION_TEST_FILENAME: ${{ matrix.test-case }}
           INTEGRATION_TESTS_VERSION: debian
 
       - name: Logs
         if: always()
-        run: docker-compose --profile ${{ matrix.profile }} --env-file ./docker/environments/${{ matrix.profile }}.env logs --tail="2500"
+        run: docker compose --profile ${{ matrix.profile }} --env-file ./docker/environments/${{ matrix.profile }}.env logs --tail="2500"
 
       - name: Shutdown
         if: always()
-        run: docker-compose --profile ${{ matrix.profile }} --env-file ./docker/environments/${{ matrix.profile }}.env down
+        run: docker compose --profile ${{ matrix.profile }} --env-file ./docker/environments/${{ matrix.profile }}.env down

.github/workflows/rest-framework-tests.yml

@@ -28,24 +28,24 @@ jobs:
              docker load -i django/django-${{ matrix.os }}_img
              docker images
 
-      # run tests with docker-compose
+      # run tests with docker compose
       - name: Set unit-test mode
         run: docker/setEnv.sh unit_tests_cicd
 
       # phased startup so we can use the exit code from unit test container
       - name: Start MySQL
-        run: docker-compose --env-file ./docker/environments/mysql-redis.env up -d mysql
+        run: docker compose --env-file ./docker/environments/mysql-redis.env up -d mysql
 
       # no celery or initializer needed for unit tests
       - name: Unit tests
-        run: docker-compose --profile mysql-redis --env-file ./docker/environments/mysql-redis.env up --no-deps --exit-code-from uwsgi uwsgi
+        run: docker compose --profile mysql-redis --env-file ./docker/environments/mysql-redis.env up --no-deps --exit-code-from uwsgi uwsgi
         env:
           DJANGO_VERSION: ${{ matrix.os }}
 
       - name: Logs
         if: failure()
-        run: docker-compose --profile mysql-redis --env-file ./docker/environments/mysql-redis.env logs --tail="2500" uwsgi
+        run: docker compose --profile mysql-redis --env-file ./docker/environments/mysql-redis.env logs --tail="2500" uwsgi
 
       - name: Shutdown
         if: always()
-        run: docker-compose --profile mysql-redis --env-file ./docker/environments/mysql-redis.env down
+        run: docker compose --profile mysql-redis --env-file ./docker/environments/mysql-redis.env down

components/package.json

@@ -1,6 +1,6 @@
 {
   "name": "defectdojo",
-  "version": "2.33.0",
+  "version": "2.33.1",
   "license" : "BSD-3-Clause",
   "private": true,
   "dependencies": {

dojo/__init__.py

@@ -4,6 +4,6 @@
 # Django starts so that shared_task will use this app.
 from .celery import app as celery_app  # noqa: F401
 
-__version__ = '2.33.0'
+__version__ = '2.33.1'
 __url__ = 'https://github.com/DefectDojo/django-DefectDojo'
 __docs__ = 'https://documentation.defectdojo.com'

dojo/tools/generic/parser.py

@@ -173,7 +173,7 @@ def _get_findings_csv(self, filename):
                 title=row["Title"],
                 description=row["Description"],
                 date=parse(row["Date"]).date(),
-                severity=row["Severity"],
+                severity=self.get_severity(row["Severity"]),
                 duplicate=self._convert_bool(
                     row.get("Duplicate", "FALSE")
                 ),  # bool False by default
@@ -213,9 +213,6 @@ def _get_findings_csv(self, filename):
             # manage CWE
             if "CweId" in row:
                 finding.cwe = int(row["CweId"])
-            # FIXME remove this severity hack
-            if finding.severity == "Unknown":
-                finding.severity = "Info"
 
             if "CVSSV3" in row:
                 cvss_objects = cvss_parser.parse_cvss_from_text(row["CVSSV3"])
@@ -253,3 +250,9 @@ def _get_findings_csv(self, filename):
 
     def _convert_bool(self, val):
         return val.lower()[0:1] == "t"  # bool False by default
+
+    def get_severity(self, input):
+        if input in ["Info", "Low", "Medium", "High", "Critical"]:
+            return input
+        else:
+            return "Info"

dojo/tools/redhatsatellite/parser.py

@@ -60,7 +60,6 @@ def get_findings(self, filename, test):
             description += "**hosts_available_count:** " + str(hosts_available_count) + "\n"
             description += "**hosts_applicable_count:** " + str(hosts_applicable_count) + "\n"
             description += "**installable:** " + str(installable) + "\n"
-            description += "**cves:** " + str(cves) + "\n"
             description += "**bugs:** " + str(bugs) + "\n"
             description += "**module_streams:** " + str(module_streams) + "\n"
             find = Finding(
@@ -75,5 +74,8 @@ def get_findings(self, filename, test):
             if errata_id is not None:
                 find.unsaved_vulnerability_ids = list()
                 find.unsaved_vulnerability_ids.append(errata_id)
+            if cves is not None:
+                for cve in cves:
+                    find.unsaved_vulnerability_ids.append(cve["cve_id"])
             findings.append(find)
         return findings

dojo/tools/sslyze/parser_json.py

@@ -241,7 +241,7 @@ def get_items(self, tree, test):
 
 
 def get_heartbleed(node, test, endpoint):
-    if "heartbleed" in node:
+    if "heartbleed" in node and node["heartbleed"] is not None:
         heartbleed = node["heartbleed"]
         if heartbleed.get("status") == "NOT_SCHEDULED":
             return None

dojo/tools/whitehat_sentinel/parser.py

@@ -3,7 +3,7 @@
 import logging
 import re
 from typing import Union, List
-
+from datetime import datetime
 from dojo.models import Finding, Endpoint
 
 
@@ -203,6 +203,8 @@ def _convert_whitehat_sentinel_vulns_to_dojo_finding(
         for whitehat_vuln in whitehat_sentinel_vulns:
             date_created = whitehat_vuln["found"].split("T")[0]
             mitigated_ts = whitehat_vuln.get("closed".split("T")[0], None)
+            if mitigated_ts is not None:
+                mitigated_ts = datetime.strptime(mitigated_ts, "%Y-%m-%dT%H:%M:%SZ")
             cwe = self._parse_cwe_from_tags(
                 whitehat_vuln["attack_vectors"][0].get("scanner_tags", [])
             )

helm/defectdojo/Chart.yaml

@@ -1,8 +1,8 @@
 apiVersion: v2
-appVersion: "2.33.0"
+appVersion: "2.33.1"
 description: A Helm chart for Kubernetes to install DefectDojo
 name: defectdojo
-version: 1.6.118
+version: 1.6.119
 icon: https://www.defectdojo.org/img/favicon.ico
 maintainers:
   - name: madchap