🐛 fix finding closed with a provided mitigated date #13699#13700
🐛 fix finding closed with a provided mitigated date #13699#13700mtesauro merged 2 commits intoDefectDojo:bugfixfrom
Conversation
🔴 Risk threshold exceeded.This pull request includes a sensitive edit to the file dojo/finding/helper.py (a configured codepath), which may require review against .dryrunsecurity.yaml settings for allowed authors and sensitive paths. The change triggered a failing risk threshold but is not marked as blocking.
🔴 Configured Codepaths Edit in
|
| Vulnerability | Configured Codepaths Edit |
|---|---|
| Description | Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml. |
We've notified @mtesauro.
All finding details can be found in the DryRun Security Dashboard.
|
please review @valentijnscholten |
valentijnscholten
left a comment
valentijnscholten
left a comment
There was a problem hiding this comment.
Thanks. I think the reported issue still needs fixing? That could be depending on the valueof DD_EDITABLE_MITIGATED_DATA?
I was not able to reproduce the original issue, but discovered this one while testing it, thus I can't judge on this. |
Good hint @valentijnscholten, I was not sure if I should fix this issue also here, so I opened up a second PR, then you can test it easier with 2 different PRs resolving the 2 different issues #13701 |
…efectDojo#13700) * 🐛 fix finding closed with a provided mitigated date * advance unittests
5 participants
#13699
closing a finding with a provided "mitigated date" results in an error.