fix(reimport): do not update finding tags on reimport for matched findings#14627
Open
valentijnscholten wants to merge 1 commit intoDefectDojo:bugfixfrom
Open
fix(reimport): do not update finding tags on reimport for matched findings#14627valentijnscholten wants to merge 1 commit intoDefectDojo:bugfixfrom
valentijnscholten wants to merge 1 commit intoDefectDojo:bugfixfrom
Conversation
…dings Tags from the report were being appended to matched findings via tags.add(), causing tags to accumulate across reimports instead of being left unchanged. This aligns tag handling with how other finding fields are treated on reimport. Closes DefectDojo#14606
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
The behaviour of the Finding Tags in the reimport has been going through a bit of rough patch. At some point it was broken and it was fixed via #14459 . But that PR resulted in tags being added to existing tags, possibly leading to "too many" tags or "obsolete" tags. To avoid any confusion we have now decided to make the tags field behave like all other fields. It's set during import and not updated afterwards.
We are considering flags on the reimport request to trigger (certain) fields to be updated during reimport, but for now this PR is the desired behaviour.
tags.add(), causing tags to accumulate across reimports instead of being left unchanged. This was a regression introduced in use tags.add() instead of tags.set() on reimport #14459 which changedtags.set()totags.add().test_import_report_with_tagsto reflect the corrected behavior.