Skip to content

feat(engine_dast): new dast scanning engine.#140

Closed
russbelln wants to merge 562 commits intotrunkfrom
feature/engine_dast_nu
Closed

feat(engine_dast): new dast scanning engine.#140
russbelln wants to merge 562 commits intotrunkfrom
feature/engine_dast_nu

Conversation

@russbelln
Copy link
Collaborator

@russbelln russbelln commented May 7, 2024
edited
Loading

Description

  • Add new dast scanning engine
  • Add the Nuclei tool as driven adapter of the new engine

Checklist:

  • The pull request is complete according to the guide of contributing of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have added tests that prove my feature, policy, or fix is effective and works
  • New and existing tests pass locally with my changes

@github-advanced-security
Copy link

github-advanced-security bot commented May 17, 2024

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

github-advanced-security[bot]
github-advanced-security bot found potential problems May 17, 2024
View reviewed changes
@sonarqubecloud
Copy link

sonarqubecloud bot commented May 30, 2024

Quality Gate Failed Quality Gate failed

Failed conditions
D Security Rating on New Code (required ≥ C)

See analysis details on SonarCloud

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

@russbelln russbelln changed the title Feature/engine dast nu feat(engine dast) Sep 5, 2024
@russbelln russbelln changed the title feat(engine dast) feat(engine dast): new dast scanning engine Sep 5, 2024
@russbelln russbelln changed the title feat(engine dast): new dast scanning engine feat(engine_dast): new dast scanning engine Sep 5, 2024
@russbelln russbelln changed the title feat(engine_dast): new dast scanning engine feat(engine_dast): new dast scanning engine. Sep 5, 2024
Gaviria9601
Gaviria9601 reviewed Sep 24, 2024
View reviewed changes
Copy link
Contributor

@Gaviria9601 Gaviria9601 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Review the comments
  • update example_remote_config_local engine_core with ENGINE_DAST config
  • remove .gitkeeps
  • Review the security issues sonarcloud
  • update version tools/devsecops_engine_tools/version.py
  • Please, finish the PR the checks

octaviovg
octaviovg reviewed Sep 25, 2024
View reviewed changes
octaviovg
octaviovg requested changes Sep 27, 2024
View reviewed changes
Copy link
Contributor

@octaviovg octaviovg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Validate comments

@sonarqubecloud
Copy link

sonarqubecloud bot commented Sep 28, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

Release Bot and others added 24 commits January 14, 2025 18:40
upgrade version to 1.30.2 version [skip ci]
73b94f9
@app-toolkit-opensource-innersource @juancgalvis
fix(deps): update dependencies (#258)
281e10d 
* fix(deps): update dependencies

* fix(deprecated): Update deprecated method usages

---------

Co-authored-by: juancgalvis <8420868+juancgalvis@users.noreply.github.com>
upgrade version to 1.7.0 version [skip ci]
77bbe8b
@jcamilomolinar
fix(gitleaks): pr comments and sonar issues
060b239
@jcamilomolinar
Merge branch 'trunk' of https://github.com/bancolombia/devsecops-engi…
af48336 
…ne-tools into feature/gitleaks
@jcamilomolinar
fix(gitleaks): reduce run tool complexity for sonar
7182388
@Gaviria9601
feat: 🚀 handle finding exclusion - white_list
dfac9fa
@Gaviria9601
fix conflicts
60ca9fe
@Gaviria9601
deploy dev
bb08b18
@jcamilomolinar
deploy dev
a1b2e77
@Gaviria9601
rollback version
a22e038
@Gaviria9601
fix bug date format - deploy dev
6bb8c8f
@Gaviria9601
fix error import scan - deploy dev
4fa6958
@Gaviria9601
ready to merge
4ceeb7f
@Gaviria9601
Merge pull request #291 from bancolombia/feature/white_list
e6d3f62 
feat(engine_core): 🚀 handle finding exclusion - white_list
upgrade version to 1.31.0 version [skip ci]
0b659cf
@jcamilomolinar
Merge branch 'trunk' of https://github.com/bancolombia/devsecops-engi…
b9236c9 
…ne-tools into feature/gitleaks
@jcamilomolinar
Merge pull request #284 from bancolombia/feature/gitleaks
ab9154d 
feat(engine_secret): new gitleaks driven adapter
upgrade version to 1.32.0 version [skip ci]
1193c6b
@cajlopezor
fix(engine_secret): download custom rules if enabled
d8ec5f9
@cajlopezor
Merge pull request #293 from bancolombia/fix/engine_secret
70d292c 
fix(engine_secret): download custom rules if enabled
upgrade version to 1.32.1 version [skip ci]
546186c
@jcamilomolinar
Merge branch 'feature/engine_dast_nu' of https://github.com/bancolomb…
b97fb4c 
…ia/devsecops-engine-tools into feature/engine_dast_nu
@jcamilomolinar
fix: handle failed test and conflicts
37db2fc
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jan 23, 2025

Quality Gate Failed Quality Gate failed

Failed conditions
65.9% Coverage on New Code (required ≥ 70.0%)

See analysis details on SonarQube Cloud

@sonarqubecloud
Copy link

sonarqubecloud bot commented Jan 23, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@Gaviria9601 Gaviria9601 closed this Feb 3, 2025
@Gaviria9601 Gaviria9601 deleted the feature/engine_dast_nu branch February 6, 2025 14:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Gaviria9601 Gaviria9601 Gaviria9601 left review comments

@octaviovg octaviovg octaviovg requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

10 participants

@russbelln @Gaviria9601 @octaviovg @jcamilomolinar @ssantaa9 @sarbole @GeorgeLBS1 @dhfherna @cajlopezor @MikeHV14