
fix aqua parser #10585 #10725

Merged
merged 5 commits into from
Aug 12, 2024

Conversation

manuel-sommer
Contributor

see discussion in #10585


dryrunsecurity bot commented Aug 9, 2024

DryRun Security Summary

The provided code changes focus on improving the unit tests for the AquaParser class and enhancing the functionality of the vulnerability_tree function in the dojo/tools/aqua/parser.py file to handle "sensitive items" and provide more context about the affected resources in the Aqua Security scan report.


Summary:

The provided code changes are focused on improving the unit tests for the AquaParser class, which is responsible for parsing security findings from Aqua Security scan reports, as well as enhancing the functionality of the vulnerability_tree function in the dojo/tools/aqua/parser.py file.

The changes to the unit tests for the AquaParser class indicate that the parser has been updated to correctly handle the Aqua Security scan report and identify additional findings, which is a positive change from a security perspective. The increase in the number of identified findings suggests the parser is becoming more effective at detecting potential security issues.

The changes to the vulnerability_tree function introduce new functionality to handle "sensitive items" in the Aqua Scan report, which can help mitigate the risk of unauthorized access or data leakage. Additionally, the changes enhance the vulnerability descriptions by providing more context about the affected resources, which can help security teams better understand the potential impact of the vulnerabilities and prioritize remediation efforts accordingly.

Files Changed:

  1. unittests/tools/test_aqua_parser.py:

    • The changes in the test_aqua_parser_aqua_devops_issue_10611 test case update the expected number of findings from 98 to 101 and add a check for the title of the 84th finding (index 83). These changes likely indicate that the parser has been updated to correctly handle the Aqua Security scan report and identify additional findings.
  2. dojo/tools/aqua/parser.py:

    • The changes in the vulnerability_tree function introduce new functionality to handle "sensitive items" in the Aqua Scan report by creating a new Finding object for each sensitive item.
    • The changes in the get_item function add the resource path to the vulnerability description, providing more context about the affected resource.

Code Analysis

We ran 9 analyzers against 2 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.
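The bot summary above describes two parser behaviours: emitting a separate finding for each "sensitive item" in the report and including the affected resource path in each vulnerability description. The block below is an added illustration of that pattern and is not DefectDojo's own `dojo/tools/aqua/parser.py`. The report layout (`resources`, each with `vulnerabilities` and optional `sensitive_items`), the `Finding` dataclass, the severity mapping and the sample report are all assumptions constructed for this example; the CVE identifiers are placeholders.

```python
import json
from dataclasses import dataclass


@dataclass
class Finding:
    """Minimal stand-in for the Finding objects a scanner parser emits (assumption)."""
    title: str
    description: str
    severity: str
    file_path: str


# Constructed sample report (not a real Aqua export). The structure is an
# assumption made for this example: resources with vulnerabilities and,
# optionally, "sensitive_items" found inside the scanned image.
SAMPLE_REPORT = json.dumps({
    "resources": [
        {
            "resource": {"name": "openssl", "version": "1.1.1k",
                         "path": "/usr/lib/x86_64-linux-gnu/libssl.so.1.1"},
            "vulnerabilities": [
                {"name": "CVE-PLACEHOLDER-0001", "aqua_severity": "high",
                 "description": "constructed vulnerability record"},
                {"name": "CVE-PLACEHOLDER-0002", "aqua_severity": "medium",
                 "description": "constructed vulnerability record"},
            ],
        },
        {
            "resource": {"name": "app", "version": "1.0",
                         "path": "/app/config/settings.py"},
            "vulnerabilities": [],
            "sensitive_items": [
                {"type": "private key", "path": "/app/config/server.key"},
            ],
        },
    ],
})

# Assumed mapping from scanner severities to the importer's severity labels.
SEVERITY_MAP = {
    "critical": "Critical", "high": "High", "medium": "Medium",
    "low": "Low", "negligible": "Info",
}


def get_item(vuln, resource):
    """Build one finding for a vulnerability, naming the affected resource
    path in the description so a triager knows where the package lives."""
    path = resource.get("path", "")
    description = (
        f"{vuln.get('description', '')}\n"
        f"**Resource:** {resource.get('name')} {resource.get('version')}\n"
        f"**Resource path:** {path}"
    )
    return Finding(
        title=f"{vuln['name']} - {resource.get('name')} ({resource.get('version')})",
        description=description,
        severity=SEVERITY_MAP.get(str(vuln.get("aqua_severity", "")).lower(), "Info"),
        file_path=path,
    )


def get_sensitive_item(item, resource):
    """Turn a sensitive item (secret, key, token) into its own finding."""
    path = item.get("path") or resource.get("path", "")
    return Finding(
        title=f"Sensitive item: {item.get('type', 'unknown')}",
        description=f"Sensitive {item.get('type', 'item')} found at {path}",
        severity="High",  # assumption: a secret baked into an image rates High
        file_path=path,
    )


def vulnerability_tree(report_text, include_sensitive=True):
    """Walk the resource tree and emit findings. include_sensitive=False
    mimics a parser that silently drops sensitive items, which is how
    findings go missing from the import."""
    data = json.loads(report_text)
    findings = []
    for entry in data.get("resources", []):
        resource = entry.get("resource", {})
        for vuln in entry.get("vulnerabilities", []):
            findings.append(get_item(vuln, resource))
        if include_sensitive:
            for item in entry.get("sensitive_items", []):
                findings.append(get_sensitive_item(item, resource))
    return findings


if __name__ == "__main__":
    for f in vulnerability_tree(SAMPLE_REPORT):
        print(f.severity, f.title, "->", f.file_path)
```

Running the walker with `include_sensitive=False` yields two findings from the constructed report; with the default it yields three, the same kind of count increase the bot notes for the updated unit test. The resource path in each description is what lets a reviewer tell one `openssl` occurrence from another inside the same image.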

Contributor

@mtesauro mtesauro left a comment


Approved

@Maffooch Maffooch merged commit c79d0a6 into DefectDojo:bugfix Aug 12, 2024
73 checks passed
@manuel-sommer manuel-sommer deleted the fix_10585 branch August 18, 2024 20:55
6 participants