Improved naming of discovered findings filter and add same for mitigated #10429
base: dev
…ded similar for mitigated field on api & UI
Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.
Note: 🔴 Risk threshold exceeded. Adding a reviewer if one is configured in notification list: @mtesauro @grendel513

Change Summary

The following is a summary of changes in this pull request made by me, your security buddy 🤖. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective.

Summary: The code changes in this pull request appear to be focused on enhancing the filtering and search functionality of the Defect Dojo application. The changes introduce a comprehensive set of filters that cover various models, including Findings, Engagements, Products, Endpoints, and more. The filters are designed to respect the user's permissions and only show the data that the user is authorized to access. The code also includes specialized filters for specific use cases, such as finding findings that are outside of their SLA or accepted findings. Additionally, the code includes API-specific filters and filters for the Engagement Survey feature. Overall, these changes provide a powerful and flexible filtering system that will greatly improve the user experience and data management capabilities of the Defect Dojo application.

Files Changed:
Powered by DryRun Security

This pull request has conflicts, please resolve those before we can evaluate the pull request.
DryRun Security Summary

The pull request enhances the filtering functionality of the Defect Dojo application by introducing a set of filter classes that provide advanced search and filtering capabilities for various entities, including findings, engagements, products, and more, with features such as tag-based filtering, permissions-based filtering, date range filtering, and specialized filters for specific use cases.

Summary: The code changes in this pull request are focused on enhancing the filtering functionality of the Defect Dojo application. The changes introduce a set of filter classes, such as The key highlights of the changes include the implementation of tag-based filtering, permissions-based filtering to ensure users can only access data they are authorized to view, specialized date range filters, and filters for specific use cases like SLA violations and risk acceptance. The code also includes API-specific filters to provide filtering capabilities for the application's API endpoints. These changes aim to improve the user experience and make it easier for Defect Dojo users to search and find the data they need, while maintaining the application's security and integrity.

Files Changed:
Code Analysis: We ran

Riskiness: 🔴 Risk threshold exceeded. We've notified @mtesauro, @grendel513.

Conflicts have been resolved. A maintainer will review the pull request shortly.
This PR updates the naming of filters related to #10401 to be a bit more precise.
Also it adds the same filter options for the "mitigated" field.