Merge pull request DefectDojo#7382 from DefectDojo/release/2.18.1

Maffooch · web-flow · commit 177f2fb6b93d · 2023-01-09T10:48:43.000-06:00
Release: Merge release into master from: release/2.18.1
diff --git a/.github/workflows/test-helm-chart.yml b/.github/workflows/test-helm-chart.yml
@@ -5,6 +5,7 @@ on:
     branches:
       - master
       - dev
+      - bugfix
       - release/**
       - hotfix/**
 
@@ -58,7 +59,7 @@ jobs:
       # x.y.z gets bumped automatically when doing a release
       - name: Run chart-testing (lint)
         run: ct lint --config ct.yaml --target-branch ${{ env.ct-branch }} --check-version-increment=true
-        if: ${{ env.changed == 'true' && env.ct-branch != 'dev' }}  
+        if: ${{ env.changed == 'true' && env.ct-branch != 'dev' && env.ct-branch != 'bugfix' }}  
 
       # run all checks but version increment always when something changed
       - name: Run chart-testing (lint)
diff --git a/components/package.json b/components/package.json
@@ -1,6 +1,6 @@
 {
   "name": "defectdojo",
-  "version": "2.18.0",
+  "version": "2.18.1",
   "license" : "BSD-3-Clause",
   "private": true,
   "dependencies": {
diff --git a/dojo/__init__.py b/dojo/__init__.py
@@ -4,6 +4,6 @@
 # Django starts so that shared_task will use this app.
 from .celery import app as celery_app  # noqa
 
-__version__ = '2.18.0'
+__version__ = '2.18.1'
 __url__ = 'https://github.com/DefectDojo/django-DefectDojo'
 __docs__ = 'https://documentation.defectdojo.com'
diff --git a/dojo/importers/reimporter/utils.py b/dojo/importers/reimporter/utils.py
@@ -61,11 +61,14 @@ def update_endpoint_status(existing_finding, new_finding, user):
     # using `.all()` will mark as mitigated also `endpoint_status` with flags `false_positive`, `out_of_scope` and `risk_accepted`. This is a known issue. This is not a bug. This is a future.
     existing_finding_endpoint_status_list = existing_finding.status_finding.all()
     new_finding_endpoints_list = new_finding.unsaved_endpoints
-    endpoint_status_to_mitigate = list(
-        filter(
-            lambda existing_finding_endpoint_status: existing_finding_endpoint_status.endpoint not in new_finding_endpoints_list,
-            existing_finding_endpoint_status_list)
-    )
+    if new_finding.is_mitigated:
+        endpoint_status_to_mitigate = existing_finding_endpoint_status_list
+    else:
+        endpoint_status_to_mitigate = list(
+            filter(
+                lambda existing_finding_endpoint_status: existing_finding_endpoint_status.endpoint not in new_finding_endpoints_list,
+                existing_finding_endpoint_status_list)
+        )
     # Determine if this can be run async
     if settings.ASYNC_FINDING_IMPORT:
         chunk_list = importer_utils.chunk_list(endpoint_status_to_mitigate)
diff --git a/dojo/models.py b/dojo/models.py
@@ -2655,7 +2655,7 @@ def sla_days_remaining(self):
     def sla_deadline(self):
         days_remaining = self.sla_days_remaining()
         if days_remaining:
-            return self.date + relativedelta(days=days_remaining)
+            return get_current_date() + relativedelta(days=days_remaining)
         return None
 
     def github(self):
diff --git a/dojo/tools/bugcrowd/parser.py b/dojo/tools/bugcrowd/parser.py
@@ -39,7 +39,7 @@ def get_findings(self, filename, test):
             pre_description = self.split_description(row.get('description', None))
             Description = pre_description.get('description', '') + '\n\n' + pre_description.get('poc', '')
             Description += row.get('extra_info') + '\n\n' if row.get('extra_info', None) else ''
-            Description += 'BugCrowd Reference Nubmer: ' + row.get('reference_number') + '\n' if row.get('reference_number', None) else ''
+            Description += 'BugCrowd Reference Number: ' + row.get('reference_number') + '\n' if row.get('reference_number', None) else ''
             Description += 'Bug URL: ' + url + '\n' if url else ''
             Description += 'Bug Source: ' + row.get('source') + '\n' if row.get('source', None) else ''
             Description += 'BugCrowd User: ' + row.get('username') + '\n' if row.get('username', None) else ''
@@ -49,7 +49,7 @@ def get_findings(self, filename, test):
             Description += 'Closed at: ' + row.get('closed_at') + '\n' if row.get('closed_at', None) else ''
             Description += 'Target name: ' + row.get('target_name') + '\n' if row.get('target_name', None) else ''
             Description += 'Target category: ' + row.get('target_category') + '\n' if row.get('target_category', None) else ''
-            References = 'BugCrowd Reference Nubmer: ' + row.get('reference_number') + '\n' if row.get('reference_number', None) else ''
+            References = 'BugCrowd Reference Number: ' + row.get('reference_number') + '\n' if row.get('reference_number', None) else ''
             References += row.get('vulnerability_ids', '')
 
             finding.title = row.get('title', '')
diff --git a/helm/defectdojo/Chart.yaml b/helm/defectdojo/Chart.yaml
@@ -1,8 +1,8 @@
 apiVersion: v2
-appVersion: "2.18.0"
+appVersion: "2.18.1"
 description: A Helm chart for Kubernetes to install DefectDojo
 name: defectdojo
-version: 1.6.48
+version: 1.6.49
 icon: https://www.defectdojo.org/img/favicon.ico
 maintainers:
   - name: madchap

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "defectdojo",`
`3`		`- "version": "2.18.0",`
	`3`	`+ "version": "2.18.1",`
`4`	`4`	`"license" : "BSD-3-Clause",`
`5`	`5`	`"private": true,`
`6`	`6`	`"dependencies": {`