API Tags: Add filter for AND expressions
#11743
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
DryRun Security SummaryThis PR implements AND-based tag filtering functionality across multiple files while maintaining security through proper parameter validation. Expand for full summaryThis PR adds new tag filtering capabilities across multiple test and filter files, introducing an AND-based tag filtering mechanism for various API endpoints. No direct security vulnerabilities were identified in the changes to Code AnalysisWe ran |
Maffooch
changed the title
AND expressions
dogboat
requested changes
Feb 10, 2025
hblankenship
approved these changes
Feb 13, 2025
blakeaowens
approved these changes
Feb 13, 2025
Maffooch
commented
Feb 20, 2025
dogboat
approved these changes
Feb 20, 2025
Maffooch
added a commit
that referenced
this pull request
Feb 24, 2025
….0-dev (#11888) * Update versions in application files * Return Feedback about wrong File Format in ZAP (#11772) * Return Feedback about wrong File Format in ZAP * ruff * Surveys: Correct Question 404 (#11862) * Surveys: Correct Question 404 When editing a survey question, a 404 is presented for a valid object. At some point, the content type for Questions changed to `Defect Dojo` (the verbose name of the app) rather than `dojo` (the common name) There is only one place where the name of the content type is accessed, so adding some backward compatible checks corrected the issue [sc-10195] * Update views.py * API Tags: Add filter for `AND` expressions (#11743) * API Tags: Add filter for `AND` expressions * Fix some ruff stuff * Small corrections * Update dojo/filters.py * Release Notes: 2.43.3 (#11857) * add 2.43.0 changelog * add 2.43.1 * v2.43.2 * 2.43.3 --------- Co-authored-by: Paul Osinski <paul.m.osinski@gmail.com> * Docs Updates: Feb (#11791) * exclude archived docs from search * rm index files from search results * fix typo - CWE to CVE * update external_tools.md with additional windows options * remove outdated github.io links * specify that EPSS sync is pro-only * add universal parser documentation * add beta notice to Universal Parser * Update universal_parser.md * add back defectdojo.com/pricing links * add scss change to fix 'central column' issue * add rules engine Pro documentation * change casing for screenshots * create pro features list, add to header * Rename Enabling_Deduplication_within_an_Engagement.png to enabling_deduplication_within_an_engagement.png * Rename Enabling_Deduplication_within_an_Engagement_2.png to enabling_deduplication_within_an_engagement_2.png * Rename Enabling_Deduplication_within_an_Engagement_3.png to enabling_deduplication_within_an_engagement_3.png * Rename Enabling_Deduplication_within_an_Engagement_4.png to enabling_deduplication_within_an_engagement_4.png --------- Co-authored-by: Paul Osinski <paul.m.osinski@gmail.com> * Feb docs hotfix (#11870) * Rename Enabling_Product-Level_Deduplication.png to enabling_product-level_deduplication.png * Rename Enabling_Product-Level_Deduplication_2.png to enabling_product-level_ceduplication_2.png * Rename enabling_product-level_ceduplication_2.png to enabling_product-level_deduplication_2.png * Update versions in application files * Update versions in application files * Fixing flake 8 --------- Co-authored-by: DefectDojo release bot <dojo-release-bot@users.noreply.github.com> Co-authored-by: Cody Maffucci <46459665+Maffooch@users.noreply.github.com> Co-authored-by: manuelsommer <47991713+manuel-sommer@users.noreply.github.com> Co-authored-by: Paul Osinski <42211303+paulOsinski@users.noreply.github.com> Co-authored-by: Paul Osinski <paul.m.osinski@gmail.com> Co-authored-by: Ross E Esposito <ross@defectdojo.com>
quirinziessler
pushed a commit
to quirinziessler/django-DefectDojo
that referenced
this pull request
Feb 26, 2025
* API Tags: Add filter for `AND` expressions * Fix some ruff stuff * Small corrections * Update dojo/filters.py
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When using the
tagsfilter on a finding, the operation applied with multiple tags is anOR, but anANDexpression would be desired. To avoid creating some breaking changes, this PR adds new filters with the filters for*tags__andin all the places where tag filters are currently used[sc-10134]