Submitting an Issue

For Bugs

Before submitting, please ensure that you are using the latests code by performing a git pull.

Please include your operating system, your operating system version number (16.04, 10.6, etc), and the dojo install you are using (setup.bash, docker, etc).

Bugs that do not have this information will be closed.

Contributing to DefectDojo

Here are a few things to keep in mind when making changes to DefectDojo.

Modifying DefectDojo and Testing

Please use these test scripts to test your changes. These are the exact scripts we run in our Travis Build.

For changes that require additional settings, is the file you want to change. is created by setup.bash from

Transition to python3

With the nearing deprecation of python 2.7, the conversion to python3 will be executed as smoothly as possible. During this process, DefectDojo will also be upgraded to Django 2.2.1. Going forward, the 'dev' branch will only accept bug fixes, Please instead contribute features / bug fixes to the ‘python3_dev’ branch.

Python3 version

For compatibility reasons, the code in dev branch should be python3.5 compliant.


Logging is configured in

Specific logger can be added. For example to activate logs related to the deduplication, change the level from DEBUG to INFO in:

          'dojo.specific-loggers.deduplication': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,

Submitting Pull Requests

The following are things to consider before submitting a pull request to DefectDojo.

  1. Ensure all changes made to the code, packages, etc. are reflected in the setup.bash script and the script.

  2. Make sure that the install is working properly.

  3. All tests found in these test scripts should be passing.

  4. All submitted code should conform to PEP8 standards.

  5. Pull requests should be submitted to the 'dev' or 'legacy-python2.7' branch.

  6. In dev branch, the code should be python 3.5 compliant.

