Feature/parser jfrog xray binary scan #9015
…b.com/bancolombia/django-DefectDojo into feature/parser_jfrog_xray_binary_scan
@renejal So close. Just a minor Flake8 to fix. Thanks for removing those couple of unrelated files from the previous PR 👍
cneill
left a comment
Just a few suggestions around capitalization here.
kiblik
left a comment
I wanted to provide my feedback sooner. Unfortunately, we had different internal priorities.
I really like this PR. But I provided a couple of my comments and suggestions.
I could imagine even more unit tests for multiple fields. @renejal, if you would merge my PR bancolombia#80, I'm willing to add them by myself.
…_binary_scan.md Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
Co-authored-by: kiblik <kiblik@gjh.sk>
JFrog improvements
@renejal, now it is ready bancolombia#82 :)
Xray on demand: Last Improvements and tests
* new parser Jfrog Xray on Demand Binary Scan
* new parser Jfrog Xray on Demand Binary Scan
* delete blank line at end of file
* rename function
* More sample reports
* Update docs/content/en/integrations/parsers/file/jfrog_xray_on_demand_binary_scan.md Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update docs/content/en/integrations/parsers/file/jfrog_xray_on_demand_binary_scan.md Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update docs/content/en/integrations/parsers/file/jfrog_xray_on_demand_binary_scan.md Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/settings/settings.dist.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/settings/settings.dist.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: kiblik <kiblik@gjh.sk>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: kiblik <kiblik@gjh.sk>
* First round of Improvements
* Drop duplicates in component_id and full_path
* Process per component
* Visual improvements
* Use+clean summary in Title, fix dedup, parse version, drop useless functions
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: kiblik <kiblik@gjh.sk>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: kiblik <kiblik@gjh.sk>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: kiblik <kiblik@gjh.sk>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: kiblik <kiblik@gjh.sk>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: kiblik <kiblik@gjh.sk>
* fix test rename class
* Last Improvements and tests
* capitalization skills
---------
Co-authored-by: Tomas Kubla <tomas@kubla.sk>
Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
Co-authored-by: kiblik <kiblik@gjh.sk>
* Created _init_.py
* Created parser.py
* Update README.md (#9048)
* Fixing README links and formatting (#9022)
* fixing up some links/etc
* formatting
* more formatting, links, etc
* formatting table HTML
* Fixing links
* typo
* formatting, links
* typo; adding Aaron Weaver to hall of fame
* reorganizing
* Bump python-gitlab from 3.15.0 to 4.2.0 (#9064)
  Bumps [python-gitlab](https://github.com/python-gitlab/python-gitlab) from 3.15.0 to 4.2.0.
  - [Release notes](https://github.com/python-gitlab/python-gitlab/releases)
  - [Changelog](https://github.com/python-gitlab/python-gitlab/blob/main/CHANGELOG.md)
  - [Commits](python-gitlab/python-gitlab@v3.15.0...v4.2.0)
  ---
  updated-dependencies:
  - dependency-name: python-gitlab
    dependency-type: direct:production
    update-type: version-update:semver-major
  ...
  Signed-off-by: dependabot[bot] <support@github.com>
  Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump fontawesomefree from 6.4.2 to 6.5.0 (#9074)
  Bumps [fontawesomefree](https://github.com/FortAwesome/Font-Awesome) from 6.4.2 to 6.5.0.
  - [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
  - [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/6.x/CHANGELOG.md)
  - [Commits](FortAwesome/Font-Awesome@6.4.2...6.5.0)
  ---
  updated-dependencies:
  - dependency-name: fontawesomefree
    dependency-type: direct:production
    update-type: version-update:semver-minor
  ...
  Signed-off-by: dependabot[bot] <support@github.com>
  Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* 🎉 added humble #8988 (#8989)
* 🎉 added humble
* fixed humble
* added endpoints
* fix according to comment
* fix according to review
* update
* added deduplication setting
* fix
* Bump social-auth-core from 4.5.0 to 4.5.1 (#9073)
  Bumps [social-auth-core](https://github.com/python-social-auth/social-core) from 4.5.0 to 4.5.1.
  - [Release notes](https://github.com/python-social-auth/social-core/releases)
  - [Changelog](https://github.com/python-social-auth/social-core/blob/master/CHANGELOG.md)
  - [Commits](python-social-auth/social-core@4.5.0...4.5.1)
  ---
  updated-dependencies:
  - dependency-name: social-auth-core
    dependency-type: direct:production
    update-type: version-update:semver-patch
  ...
  Signed-off-by: dependabot[bot] <support@github.com>
  Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Adding subcomponent labels for celery beat and worker (#9078)
* Update rabbitmq Docker tag from 3.12.9 to v3.12.10 (docker-compose.yml) (#9075) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* Update postgres:16.1-alpine Docker digest from 16.1 to 16.1-alpine (docker-compose.yml) (#9082) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* Update redis:7.2.3-alpine Docker digest from 7.2.3 to 7.2.3-alpine (docker-compose.yml) (#9083) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* Bump boto3 from 1.29.7 to 1.33.5 (#9085)
  Bumps [boto3](https://github.com/boto/boto3) from 1.29.7 to 1.33.5.
  - [Release notes](https://github.com/boto/boto3/releases)
  - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
  - [Commits](boto/boto3@1.29.7...1.33.5)
  ---
  updated-dependencies:
  - dependency-name: boto3
    dependency-type: direct:production
    update-type: version-update:semver-minor
  ...
  Signed-off-by: dependabot[bot] <support@github.com>
  Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump fontawesomefree from 6.5.0 to 6.5.1 (#9086)
  Bumps [fontawesomefree](https://github.com/FortAwesome/Font-Awesome) from 6.5.0 to 6.5.1.
  - [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
  - [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/6.x/CHANGELOG.md)
  - [Commits](FortAwesome/Font-Awesome@6.5.0...6.5.1)
  ---
  updated-dependencies:
  - dependency-name: fontawesomefree
    dependency-type: direct:production
    update-type: version-update:semver-patch
  ...
  Signed-off-by: dependabot[bot] <support@github.com>
  Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Add logging statement for failed password reset validation logic (#9087)
* Finding Template: Correct save ordering (#9088)
* Feature/parser jfrog xray binary scan (#9015)
* new parser Jfrog Xray on Demand Binary Scan
* new parser Jfrog Xray on Demand Binary Scan
* delete blank line at end of file
* rename function
* More sample reports
* Update docs/content/en/integrations/parsers/file/jfrog_xray_on_demand_binary_scan.md Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update docs/content/en/integrations/parsers/file/jfrog_xray_on_demand_binary_scan.md Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update docs/content/en/integrations/parsers/file/jfrog_xray_on_demand_binary_scan.md Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/settings/settings.dist.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/settings/settings.dist.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: kiblik <kiblik@gjh.sk>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: kiblik <kiblik@gjh.sk>
* First round of Improvements
* Drop duplicates in component_id and full_path
* Process per component
* Visual improvements
* Use+clean summary in Title, fix dedup, parse version, drop useless functions
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: kiblik <kiblik@gjh.sk>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: kiblik <kiblik@gjh.sk>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: kiblik <kiblik@gjh.sk>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: kiblik <kiblik@gjh.sk>
* Update dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py Co-authored-by: kiblik <kiblik@gjh.sk>
* fix test rename class
* Last Improvements and tests
* capitalization skills
---------
Co-authored-by: Tomas Kubla <tomas@kubla.sk>
Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
Co-authored-by: kiblik <kiblik@gjh.sk>
* Update postgres:16.1-alpine Docker digest from 16.1 to 16.1-alpine (docker-compose.yml) (#9089) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* Nosey Parker Test Cases
* Updated Parser
* Bump cryptography from 41.0.5 to 41.0.7 (#9065)
  Bumps [cryptography](https://github.com/pyca/cryptography) from 41.0.5 to 41.0.7.
  - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
  - [Commits](pyca/cryptography@41.0.5...41.0.7)
  ---
  updated-dependencies:
  - dependency-name: cryptography
    dependency-type: direct:production
    update-type: version-update:semver-patch
  ...
  Signed-off-by: dependabot[bot] <support@github.com>
  Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* NoseyParker Parser Flake8 compliance
* NoseyParker fix for 0.16
* JSON lines fix
* Nosey Parker Parser: v0.16 fix
* Comma for consistency
* Flake8 requirements
* Update docs/content/en/integrations/parsers/file/noseyparker.md
* Update dojo/tools/noseyparker/parser.py
* Update docs/content/en/integrations/parsers/file/noseyparker.md
* Removed example JSONL file
* Add link to 0.16.0 Release
* Spacing
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Greg Anderson <greg.anderson@owasp.org>
Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: manuelsommer <47991713+manuel-sommer@users.noreply.github.com>
Co-authored-by: Manuel Venega <127304555+veneber@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Cody Maffucci <46459665+Maffooch@users.noreply.github.com>
Co-authored-by: renejal <40049733+renejal@users.noreply.github.com>
Co-authored-by: Tomas Kubla <tomas@kubla.sk>
Co-authored-by: kiblik <kiblik@gjh.sk>
I will create a new pull request from number #8852 because it had commits that shouldn't be there
From our organization we want to contribute with a new xray parser for https://jfrog.com/help/r/jfrog-cli/on-demand-binary-scan