You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Generating DOCX reports is broken for findings with empty affected entities. After upgrading from v4.1.0 to v4.2.0, generating a DOCX report is broken when findings have empty affected entities. The error is "Error at the affected entities section of finding REDACTED: Invalid template operation: expected string or bytes-like object".
Opening the affected findings and saving them (with no changes) resolves the errors. So, there is something broken or changed from v4.1.0 to v4.2.0.
To Reproduce
Steps to reproduce the error:
Upgrade Ghostwriter from v4.1.0 to v4.2.0
Open report
Navigate to Generate tab
Generate report -> Error
Steps to clear error:
Navigate to Findings tab
Open affected finding
Submit (to save the finding)
repeat for other findings
Navigate to Generate tab
Generate report
Expected Behavior
Findings with empty affected entities should not require them to be saved, again, after upgrade.
Upgrade Ghostwriter from v4.1.0 to v4.2.0
Open report
Navigate to Generate tab
Generate report -> no error
Screenshots
Available if needed.
Server Specs:
OS: Ubuntu 22.04
Docker: Docker version 26.1.1, build 4cf5afa
Docker Compose: Docker Compose version v2.27.0
Ghostwriter: v4.2.0, released 15 May 2024
Additional context
Reverting to v4.1.0 (and restoring backup postgres) resolves the issue.
The text was updated successfully, but these errors were encountered:
Hey @smcgu, as I mentioned in your other issue, it's best to use the code in main or the latest archive of the latest release. The v4.2 development branch is not ready for production use right now.
How did you load these findings into the database? If opening the finding and saving it without making any changes resolves the problem, that suggests the database entry is in a bad state with fields set to null that should never be null. When you save the finding, Ghostwriter fixes the bad fields by setting them to blank (not null). I can only reproduce this issue if I manually edit the database to null a field.
These findings were added to the findings library, added to the report, and edited in the Ghostwriter web UI. They were added to the report weeks ago and edited within Ghostwriter. There was no manual manipulation of the report findings through scripted API calls and no direct access of the database.
As mentioned, the findings and report generation work fine with v4.1.0, but are broken after upgrading to the latest v4.2.0 on the v4-1-dev branch.
The only possible thing that I can think of is that a few days ago I performed a bulk export and import of the findings library. However, report generation still works fine on v4.1.0 and my very limited understanding is that this process should only affect the findings library not findings already added to reports and their affected entities fields.
Describe the bug
Generating DOCX reports is broken for findings with empty affected entities. After upgrading from
v4.1.0
tov4.2.0
, generating a DOCX report is broken when findings have empty affected entities. The error is "Error at the affected entities section of finding REDACTED: Invalid template operation: expected string or bytes-like object".Opening the affected findings and saving them (with no changes) resolves the errors. So, there is something broken or changed from
v4.1.0
tov4.2.0
.To Reproduce
Steps to reproduce the error:
v4.1.0
tov4.2.0
Steps to clear error:
Expected Behavior
Findings with empty affected entities should not require them to be saved, again, after upgrade.
v4.1.0
tov4.2.0
Screenshots
Available if needed.
Server Specs:
Additional context
Reverting to
v4.1.0
(and restoring backup postgres) resolves the issue.The text was updated successfully, but these errors were encountered: