Import: leverage the minimum severity flag #10550
DryRun Security Summary

The pull request focuses on improving the functionality and security-related capabilities of the DefectDojo application, particularly in the areas of security finding import, reimport, and management, with changes to filtering findings by severity, ensuring minimum severity thresholds, and introducing extensive unit tests to ensure the accuracy and reliability of the import/reimport functionality.

Summary: The code changes in this pull request focus on improving the functionality and security-related capabilities of the DefectDojo application, particularly in the areas of security finding import, reimport, and management. The key changes include:

From an application security perspective, these changes are generally positive, as they focus on improving the security-related functionality and robustness of the DefectDojo application. However, it's important to continue reviewing the code changes and the overall security posture of the application to ensure that no unintended security vulnerabilities or issues are introduced.

Files Changed:

Code Analysis

We ran

Riskiness: 🟢 Risk threshold not exceeded.
Approved
The `minimum_severity` flag was parsed and managed by the `ImporterOptions` class, but was never actually used by the Importers. This PR corrects that and adds a unit test to ensure the flag is working as expected.

[sc-6837]