Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

github.com/DefectDojo/django-DefectDojo

DevSecOps, ASPM, Vulnerability Management. All on one platform.
https://github.com/DefectDojo/django-DefectDojo

Added steps to reproduce in Jira Description Template (#2990)

* bugfix nmap parser

* bugfix nmap parser

* added missing line break at the end of the fil...

afa617880e2372155e4de552b670f726b728e001 authored about 4 years ago by FallenAtticus <[email protected]>
aws security hub: fix handling of missing lastObservedAt (#3277)

* aws security hub: fix handling of missing lastObserverAt

* aws security hub: fix handling o...

66ce7f9a966d3248bb7bf63fa4b6b10d754caf24 authored about 4 years ago by valentijnscholten <[email protected]>
jira: fix mailto link in description (#3281)

9620a916b6a3de4159aefc6c73fa22a40d62438d authored about 4 years ago by valentijnscholten <[email protected]>
jira: split url handling for issues and projects (#3284)

* jira: split url handling for issues and projects

* jira: split url handling for issues and ...

c3458d4b88cf32f727aa737a2a6376fa9139c7d3 authored about 4 years ago by valentijnscholten <[email protected]>
reimport: set component_name&version on existing findings (#3288)

* reimport: set component_name&version on existing findings

102adc43455864db658d65f3c43b72faa3c7e686 authored about 4 years ago by valentijnscholten <[email protected]>
Merge pull request #3294 from valentijnscholten/jira-fix-project-id

jira: set jira_project when creating JIRA_Issue

4dc023cc32202c30e18f980127e54eaadcd2f5fa authored about 4 years ago by Fred Blaise <[email protected]>
Merge pull request #3305 from DefectDojo/dependabot/pip/dev/google-api-python-client-1.12.8

build(deps): bump google-api-python-client from 1.12.6 to 1.12.8

3fca50ffe8185969e5be5c4659a3e2582c2be674 authored about 4 years ago by Fred Blaise <[email protected]>
Merge pull request #3307 from DefectDojo/dependabot/pip/dev/django-crispy-forms-1.10.0

build(deps): bump django-crispy-forms from 1.9.2 to 1.10.0

cf866f8d6fe2101d955023dc020685ffbd0735d0 authored about 4 years ago by Fred Blaise <[email protected]>
Merge pull request #3254 from RomainJufer/dev

API_V2 : Add metadata operation on findings endpoints

198be2cdf28b9114417a820da71f41bfa15254ed authored about 4 years ago by Greg Anderson <[email protected]>
performance: optimize a bit view_finding, max similar findings=25 (#3293)

* perf: optimize a bit view_finding

* perf: optimize a bit view_finding

e72a5289d8fd706fd29064c8941e95dc3d415c64 authored about 4 years ago by valentijnscholten <[email protected]>
Various bug fixes in various places (#3308)

* Various Bug Fixes

* Fix dropdown mixups

* Fix flake8 and copy/paste error

Co-authored...

4f3af5b4d939a55615ba501ef4c2e564c8f3747e authored about 4 years ago by Cody Maffucci <[email protected]>
build(deps): bump django-crispy-forms from 1.9.2 to 1.10.0

Bumps [django-crispy-forms](https://github.com/django-crispy-forms/django-crispy-forms) from 1.9...

ecbd0d913f7e7945e4120d473cc872627a80cb93 authored about 4 years ago by dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Updated contributing doc to have Python 3.6 instead of 3.5 (#3306)

* Updated contributing doc to have Python 3.6 instead of 3.5

5a3833e919c756d4af667794494702ba79415950 authored about 4 years ago by Matt Tesauro <[email protected]>
build(deps): bump google-api-python-client from 1.12.6 to 1.12.8

Bumps [google-api-python-client](https://github.com/googleapis/google-api-python-client) from 1....

2a1c049203dd92edad6a9a3d722743cc7ae2118f authored about 4 years ago by dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
unittests: delete erroneously committed empty ZoneIdentifier metadata files (#3304)

* Delete many_vuln_npm7.json:Zone.Identifier

* Delete bnp_npm6.json:Zone.Identifier

bd76a372edca0b2171a00a9f72fbc9d1075f7dae authored about 4 years ago by valentijnscholten <[email protected]>
Allow re-import scan to function without JIRA (#3295)

* Allow re-import scan to function without JIRA
Co-authored-by: Maffooch <codymaffucci@Codys-Ma...

6d76b811deb91de60edf425c86b9b06ed36654b0 authored about 4 years ago by Cody Maffucci <[email protected]>
sla notify: disable by default, add explanation to settings (#3289)

2ca56dc70c6c5d13a5fd0b1d26d966f3610bf0c1 authored about 4 years ago by valentijnscholten <[email protected]>
Fix Accepted Risk reporter/owner in engineer metrics (#3297)

Co-authored-by: Maffooch <[email protected]>

d8917b67ab7d58e4ff11ff16629fe7cf8fbd70ec authored about 4 years ago by Cody Maffucci <[email protected]>
Merge pull request #3291 from madchap/RD-breaking-changes-section

Release drafter - add breaking changes section

e3f4d6791469daec750de1449df36eaf02be418f authored about 4 years ago by Fred Blaise <[email protected]>
jira: set jira_project when creating JIRA_Issue

527279e6ae2d7c913b3ad0af9b6da065246fe3d8 authored about 4 years ago by Valentijn Scholten <[email protected]>
Merge pull request #3287 from DefectDojo/dependabot/pip/dev/google-api-python-client-1.12.6

build(deps): bump google-api-python-client from 1.12.5 to 1.12.6

bb31f0eafe757a514924433174fb24ef8176f7dd authored about 4 years ago by Fred Blaise <[email protected]>
add breaking changes section

a193b625425033cab98b0e5ec373b0dba34f53da authored about 4 years ago by Fred Blaise <[email protected]>
build(deps): bump google-api-python-client from 1.12.5 to 1.12.6

Bumps [google-api-python-client](https://github.com/googleapis/google-api-python-client) from 1....

07045f76ac264a3b89ef12f56faf636c1c7503e2 authored about 4 years ago by dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Reintroduce HTML report builder (#3250)

* Reintroduce HTML report builder

* Fix AccessLint qualms

* Add report builder unit test
...

68426db5ce27daa81d34480799629df5a36f0162 authored about 4 years ago by Cody Maffucci <[email protected]>
Set flag for auto refresh of alert/counts (#3275)

* Set flag for auto refresh of alert/counts

* Appease AccessLint

* Set default to True

...

eb70d8726779ec34715456cfaff23d52ac0c3c95 authored about 4 years ago by Cody Maffucci <[email protected]>
Merge pull request #3282 from madchap/jira-reporter-fix

Fix JIRA owner instead of reporter

ba13c599e260fc0b99e9f382307ada2aa27b73ae authored about 4 years ago by Fred Blaise <[email protected]>
owner instead of reporter

984626900ec0ee6b9398b1672d857d362708ec38 authored about 4 years ago by Fred Blaise <[email protected]>
settings.dist.py: reduce default log level from DEBUG to INFO (#3280)

3a47cfb1f02e833d423aac34c297465d3a723a5c authored about 4 years ago by valentijnscholten <[email protected]>
Commented out print statement 'ready(): initializing watson' as it breaks 'manage.py dumpdata' (#3274)

* Commented out print statement 'ready(): initializing watson' as it breaks 'manage.py dumpdata'...

caa67b88e38e4733e0f396671e917e7f91b71902 authored about 4 years ago by Matt Tesauro <[email protected]>
jira: use correct url for dojo_alert notification (#3273)

* Update views.py

* Update views.py

4bee37af7e550e4b41ee5d38a8bb90494de2aa66 authored about 4 years ago by valentijnscholten <[email protected]>
build(deps): bump asteval from 0.9.20 to 0.9.21 (#3266)

Bumps [asteval](https://github.com/newville/asteval) from 0.9.20 to 0.9.21.
- [Release notes](h...

004d75885d4448e1148ca9e1b885e73e0a93b022 authored about 4 years ago by dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Update open finding definition on product level (#3267)

Co-authored-by: Maffooch <[email protected]>

8ee3fbf8654a6fdb23fa4367e7a92dcfd638b10b authored about 4 years ago by Cody Maffucci <[email protected]>
uwsgi: increase default buffer-size (#3269)

* increase default uwsgi buffer-size from 4k to 8k

* Update entrypoint-uwsgi-dev.sh

* incr...

fbe17e5ab19d1ade021899b0d682d40af75cddc7 authored about 4 years ago by valentijnscholten <[email protected]>
JIRA: Allow config per engagement, incl big JIRA refactor (#3200)

To allow users to have some flexibility in their JIRA setup / mapping to Defect Dojo, we'd decid...

addeb0b8dfcd0a8aaaa256bda162aaceb33bf02f authored about 4 years ago by valentijnscholten <[email protected]>
Change encoding from utf-8 to utf-8-sig (#2583)

To fix error on unexpected BOM in vulnerabilities json exported from Netsparker 5.8

uwsgi_1 ...

070833fbe7b54642ddecb273836674cb1465a8ba authored about 4 years ago by jhamba <[email protected]>
Celery: only send model ids and not full instances (#3092)

* celery: only send model ids, not full model instances

5b8694a456a97df7f7015329eae162e9a9ca3493 authored about 4 years ago by valentijnscholten <[email protected]>
Merge pull request #3265 from DefectDojo/master-into-dev/1.10.0-dev

Release: Merge back master into dev from: master-into-dev/1.10.0-dev

215d3c938cb6f13e7f0170fb6bb5e9a32343c29d authored about 4 years ago by Fred Blaise <[email protected]>
Update versions in application files

2f9982f22ba7b465a387d4566cd4b8052998f30b authored about 4 years ago by DefectDojo release bot <[email protected]>
Merge pull request #3264 from DefectDojo/release/1.9.3

Release: Merge release into master from: release/1.9.3

a35603ca84030998e99512286e51ccab257b997b authored about 4 years ago by Fred Blaise <[email protected]>
Update versions in application files

a1d489069aa0347d1a05bce0fe24a92226d70a96 authored about 4 years ago by DefectDojo release bot <[email protected]>
Merge pull request from GHSA-8q8j-7wc4-vjg5

jira: hide passwords in API response and admin portal

d1f3cdfdd82e8bb1359e52fa3dfa463fcc187f16 authored about 4 years ago by Fred Blaise <[email protected]>
Merge pull request #3231 from DefectDojo/renovate/mysql-1.x

Update helm chart mysql from 1.6.7 to v1.6.9 (helm/defectdojo/requirements.yaml)

c36ddef1ebf12afca0cfdb28111274af71ce174d authored about 4 years ago by Fred Blaise <[email protected]>
Merge pull request #3262 from DefectDojo/dependabot/pip/dev/asteval-0.9.20

build(deps): bump asteval from 0.9.19 to 0.9.20

2ec3e87b4197d90afb97c0582ef133a3e40f20f8 authored about 4 years ago by Fred Blaise <[email protected]>
Merge pull request #3259 from DefectDojo/dependabot/pip/dev/urllib3-1.26.2

build(deps): bump urllib3 from 1.26.1 to 1.26.2

b91a218d33bffcfbea8a45edbe745d54958569f9 authored about 4 years ago by Fred Blaise <[email protected]>
Merge pull request #3263 from DefectDojo/valentijnscholten-patch-2

fix reports: add missing Q import

d9c095fa23bb45c1d79af35d9f12a559f5bc5580 authored about 4 years ago by Fred Blaise <[email protected]>
fix reports: add missing Q import

636ef08ffa855fe0bb2f5dc83a99a9bac2fc32f3 authored about 4 years ago by valentijnscholten <[email protected]>
build(deps): bump asteval from 0.9.19 to 0.9.20

Bumps [asteval](https://github.com/newville/asteval) from 0.9.19 to 0.9.20.
- [Release notes](ht...

8391ea2ae04a9a889d56119572239918d483d455 authored about 4 years ago by dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Update helm chart mysql from 1.6.7 to v1.6.9 (helm/defectdojo/requirements.yaml)

0dfc0d5df4d1777ceea89baed2c5999cc3bf2c1d authored about 4 years ago by Renovate Bot <[email protected]>
advisory: unittests

6a844a299b2c6fc4f80f6df698bf5af0b53aaf47 authored about 4 years ago by Valentijn Scholten <[email protected]>
advisory: do not return jira password in API v1 response

8901b607e7ea3eaa627187830a13aab5905161e2 authored about 4 years ago by Valentijn Scholten <[email protected]>
advisory: use password field widget for jira and tool password

5fbf6ce5379c5ad36c65f405d57e67310aa68d42 authored about 4 years ago by Valentijn Scholten <[email protected]>
advisory: do not return jira password in API v1 response

64c800407906a2ad39469cc83b45a33438c655c3 authored about 4 years ago by Valentijn Scholten <[email protected]>
advisory: use password field widget for jira and tool password

0f71ebd01e837b36faaf48329d736c3977c3b07a authored about 4 years ago by Valentijn Scholten <[email protected]>
advisory: do not return jira password in API response

66375b152048dfab75955970cfde8b3cff7c694e authored about 4 years ago by Valentijn Scholten <[email protected]>
build(deps): bump urllib3 from 1.26.1 to 1.26.2

Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.1 to 1.26.2.
- [Release notes](htt...

887f81c438065f3a40d9edee70dabd5e4b99c501 authored about 4 years ago by dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Remove excessive qs in report generator (#3233)

Fixes #3221

c15f65d37979888d7ac14a1a3a8614acf0e8950e authored about 4 years ago by Cody Maffucci <[email protected]>
Update defect_dojo_sample_file.json to work with recent versions (#3239)

* Update demo data file

Co-authored-by: Maffooch <[email protected]>

47b80ec6f65df375f519b8a8206954bb0a8bc054 authored about 4 years ago by Cody Maffucci <[email protected]>
allow bulk delete in view_test (#3227)

* allow bulk delete in view_test

Co-authored-by: Cody Maffucci <[email protected]...

8634dd71ea9acb1fde12aeac582cc450c1cb1d9f authored about 4 years ago by valentijnscholten <[email protected]>
Merge pull request #3255 from DefectDojo/master

GHA-k8s: merge master into dev

bcb31c292f1cfb7e912e03f4ea1c42d7b920249f authored about 4 years ago by valentijnscholten <[email protected]>
minikube/k8s action improvement (#3251)

* Refactoring gitlab k8s action

* Uncommenting branches

Co-authored-by: Dubravko Sever <du...

d7523e1dc34af47185830c13bfa7aedfc667dd60 authored about 4 years ago by Sever <[email protected]>
Render URLs as HTML links in findings (#3054)

* Add HTML links to file_path and description

4b680019536f5e3d5505413d20e7fb20802a0eae authored about 4 years ago by Stefan Fleckenstein <[email protected]>
Fix flake8 format

65f702f07a8c29b0f0aea44e6e73863ba7b63b3d authored about 4 years ago by Romain Jufer <[email protected]>
Remove useless patch method

92cf050310fe12adabbf8c40099766cf624b0534 authored about 4 years ago by Romain Jufer <[email protected]>
Fix flake8 format

638cafff9012f1c17f9fa0822d6abe664e72e95a authored about 4 years ago by Romain Jufer <[email protected]>
Add test for metadata operation on findings endpoints

d70ef9232056d137ffdd31b52d08ba9bb3ceafa3 authored about 4 years ago by Romain Jufer <[email protected]>
Add metadata query on findings endpoints

c6c1b521ab4c66a10a10c846814b9c63948dc4c7 authored about 4 years ago by Romain Jufer <[email protected]>
Fixes mouse-over help for product notifications #2905 (#3128)

Co-authored-by: Marcos Valle <[email protected]>

b37c3f3936493fb4a24f744b79ecd622812b3591 authored about 4 years ago by Marcos Valle <[email protected]>
build(deps): bump django-crum from 0.7.8 to 0.7.9 (#3232)

Bumps [django-crum](https://github.com/ninemoreminutes/django-crum) from 0.7.8 to 0.7.9.
- [Rel...

8ecde16590585989cca99f6cd1526799e1db0dc0 authored about 4 years ago by dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
build(deps): bump urllib3 from 1.26.0 to 1.26.1 (#3248)

Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.0 to 1.26.1.
- [Release notes](ht...

a40a11bcd612f642a5167474213994896bec877b authored about 4 years ago by dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
build(deps): bump easymde from 2.12.1 to 2.13.0 in /components (#3249)

Bumps [easymde](https://github.com/Ionaru/easy-markdown-editor) from 2.12.1 to 2.13.0.
- [Relea...

2313f88e4678504255b2d39a9a7773dfe15debf4 authored about 4 years ago by dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Merge pull request #3235 from valentijnscholten/eps-prefetch1

endpoint_status: prefetch part1

db6f588a9ab3c4cb40b81077f4601d1b77402de8 authored about 4 years ago by Greg Anderson <[email protected]>
Merge pull request #3242 from DefectDojo/master

Merge master to dev for bitnami helm repo

a92b350c3d00e2d94ca7300a4471d30cd21a9532 authored about 4 years ago by valentijnscholten <[email protected]>
npm audit: refuse npm7 or high as it misses most important fields (#3145)

67dac07268614f02fd7fb31ccd63c850ab471e38 authored about 4 years ago by valentijnscholten <[email protected]>
build(deps): bump urllib3 from 1.25.11 to 1.26.0 (#3237)

Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.25.11 to 1.26.0.
- [Release notes](h...

bd7b58183fd3d2c73358731dc8807406778110ba authored about 4 years ago by dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Merge pull request #3131 from mgm-sp/key-improperly-configured

Raise ImproperlyConfigured exception if no DD_SECRET_KEY is set

b45719b395551f65d2f6332cc33bf9d084bf7a0c authored about 4 years ago by valentijnscholten <[email protected]>
add datetime to logformat (use verbose) (#3133)

4a0f05e37a70fb97444bd1853ec14075ea457744 authored about 4 years ago by valentijnscholten <[email protected]>
Improve Qualys WAS parser. (#3150)

* Improve Qualys WAS parser.

* Handle timezones in parser.

* Add vuln_id_from_tool for Qua...

d4e9ab4613ed0d4efb23362b08bbe01ad6da55e5 authored about 4 years ago by Ian Walton <[email protected]>
build(deps): bump nginx from 1.19.3-alpine to 1.19.4-alpine (#3214)

Bumps nginx from 1.19.3-alpine to 1.19.4-alpine.

Signed-off-by: dependabot-preview[bot] <supp...

1954f5330306681fc5a6450b11099bc5c78e7300 authored about 4 years ago by dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Improve default date handling. (#3156)

* Improve default date handling.

* Always use date from finding, even if default.

Co-autho...

00b15fa6b167efcf4c507fa0698b52647928eba0 authored about 4 years ago by Ian Walton <[email protected]>
Add finding > engagement and engagement > status filters. (#3228)

* Add finding > engagement and engagement > status filters.

* whitespace

* Remove duplicat...

8f4e37320ab1d8f4f78775aeb1f0a40a8e2b4098 authored about 4 years ago by Ian Walton <[email protected]>
Fix CWE URL on the finding page. (#3229)

Co-authored-by: Ian Walton <[email protected]>

e987f59a51273e5b0efa690fc0a0949c7bbb48ff authored about 4 years ago by Ian Walton <[email protected]>
remove unused new_eng view (#3215)

58c3c9ecb1de0c414e64ef5728230e759c15bffd authored about 4 years ago by valentijnscholten <[email protected]>
Merge pull request #3213 from valentijnscholten/fix-sys-settings-secret

system setting: set random secret when jira secret is disabled and empty

0e7ec18850abc8b30f11a8a04a6e41d6e8ba478a authored about 4 years ago by valentijnscholten <[email protected]>
Update k8s-testing.yml

add bitnami helm repo

7a88a306ef098c90aa5893c8e81cfbff6577a7c2 authored about 4 years ago by Fred Blaise <[email protected]>
Merge pull request #3238 from madchap/add-bitnami-gha

Add bitnami to helm repo list

82ffa84de752502fe53d3835e7530881066c8678 authored about 4 years ago by Fred Blaise <[email protected]>
add bitnami to helm repo list

8de391429cb41f21e30fc9eec95d61fe21321545 authored about 4 years ago by Fred Blaise <[email protected]>
endpoint_status: prefetch part1

9635d18c5e4c154733f1839f3b585c61585a15e1 authored about 4 years ago by Valentijn Scholten <[email protected]>
endpoint_status: prefetch part1

76d19447205483a3f7dcf96d4c11f4b9c53d7b46 authored about 4 years ago by Valentijn Scholten <[email protected]>
Merge pull request #3230 from DefectDojo/master

GHA workflow sync master->dev

53963df27e1b6952ba6502f0860c24c21e196355 authored about 4 years ago by valentijnscholten <[email protected]>
GHA: Improve status check after helm deployment (#3219)

835fd697514047699d76e2668f862b303a239e6b authored about 4 years ago by Sever <[email protected]>
Remove old logging causing issues with celery logging (#3202)

* clean up old code and adjust celery option

* remove old basic logging config

4b934222ad55fd2d259da247e15d73b862d9ff39 authored about 4 years ago by Fred Blaise <[email protected]>
add OSS Review Toolkit parser (ORT) (#3177)

* add ORT importer

7f5746b7389d64b9876d4a4f190be2ebe68b3db0 authored about 4 years ago by fb33 <[email protected]>
check if finding sla is enabled before running notify task (#3212)

8cfe7420febaf65fadf3df77093aed4b3db1512e authored about 4 years ago by Fred Blaise <[email protected]>
system setting: set random secret when jira secret is disabled and empty

79c654655c8b1aa35a59f302614b13d2e154116b authored about 4 years ago by Valentijn Scholten <[email protected]>
Fix missing base64 import (#3203)

The Burp plugin seems to be breaking because of the missing import.

320b13cf568b668f34529899fdf36552a0dd4f75 authored about 4 years ago by Alexandru Dracea <[email protected]>
APIv2: Allow updating users and set is_superuser (#3160)

921722c20963865a711713d4d44dbbd0ffb11aab authored about 4 years ago by Ian Walton <[email protected]>
use own org (#3199)

7a81ff2b80bc50f4cf5adbd01d6f622c068ccd36 authored about 4 years ago by Fred Blaise <[email protected]>
k8s stable repo doc change (#3194)

68fd26adfc9aa7cc4aee11c84d5470a8069b1a93 authored about 4 years ago by Fred Blaise <[email protected]>
Fix Qualys VM/OS null date issue. (#3148)

Co-authored-by: Ian Walton <[email protected]>

ff64fce4fd39cd7a8e2b379f20ee236cbec6feed authored about 4 years ago by Ian Walton <[email protected]>
build(deps): bump django-crum from 0.7.7 to 0.7.8 (#3161)

Bumps [django-crum](https://github.com/ninemoreminutes/django-crum) from 0.7.7 to 0.7.8.
- [Rel...

ccc3f61ca155ce480adb1172ef59ea79add338bf authored about 4 years ago by dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>