-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: prevent saving empty cve #2669
fix: prevent saving empty cve #2669
Conversation
Was there no migration generated with the change to models.py? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing the migration file definitely.
Hello @madchap and @Maffooch :) Django is not generating the migrations. https://docs.djangoproject.com/en/2.2/topics/db/models/#field-options
Just changes in |
Turns out that's true! Sorry about that, and thanks for double-checking @edersonbrilhante ! |
Have you tested it to be sure that nothing breaks by seeing a |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That was a fun fact about Django models. Thanks @edersonbrilhante!
Are these screenshots from the API? What I meant was under the hood the cve field is used for certain things like deduplication and I was wondering if that all still works. What if existing findings have cve as '' or as 0 and new findings get 'None' for cve. Will the dedupe still work? Will the hash be the same? Also there are some |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approved
Hi @valentijnscholten, I was busy with another project, so I couldn't check this earlier :(. |
…x_finding_cve_empty
Just remembering, I want to fix the issue that overwrites the cve field from None to '', when I am using the interface. Parsers with
|
I think they should be updated, yes. If you can take care of them, it's be great :) |
…x_finding_cve_empty
Hi folks.
|
Description:
The fields CVE in fiends allows null value, however, when the finding is updated empty is overwritten this.
I notified this issue when I was using an openapi client consuming the API:
raise ValueError("Invalid value for `cve`, length must be greater than or equal to `1`")
label: bugfix