devsecops-engine-tools 1.29.0__py3-none-any.whl → 1.30.1__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of devsecops-engine-tools might be problematic. Click here for more details.
- devsecops_engine_tools/engine_core/src/domain/model/exclusions.py +1 -0
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py +1 -1
- devsecops_engine_tools/engine_risk/src/domain/usecases/break_build.py +23 -9
- devsecops_engine_tools/version.py +1 -1
- {devsecops_engine_tools-1.29.0.dist-info → devsecops_engine_tools-1.30.1.dist-info}/METADATA +1 -1
- {devsecops_engine_tools-1.29.0.dist-info → devsecops_engine_tools-1.30.1.dist-info}/RECORD +9 -9
- {devsecops_engine_tools-1.29.0.dist-info → devsecops_engine_tools-1.30.1.dist-info}/WHEEL +0 -0
- {devsecops_engine_tools-1.29.0.dist-info → devsecops_engine_tools-1.30.1.dist-info}/entry_points.txt +0 -0
- {devsecops_engine_tools-1.29.0.dist-info → devsecops_engine_tools-1.30.1.dist-info}/top_level.txt +0 -0
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py
CHANGED
|
@@ -549,7 +549,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
|
|
|
549
549
|
create_date, expired_date = self._date_reason_based(finding, date_fn, reason)
|
|
550
550
|
|
|
551
551
|
return Exclusions(
|
|
552
|
-
id=finding.vuln_id_from_tool if finding.vuln_id_from_tool else finding.
|
|
552
|
+
id=finding.vuln_id_from_tool if finding.vuln_id_from_tool else finding.id[0]["vulnerability_id"],
|
|
553
553
|
where=self._get_where(finding, tool),
|
|
554
554
|
create_date=create_date,
|
|
555
555
|
expired_date=expired_date,
|
|
@@ -124,7 +124,7 @@ class BreakBuild:
|
|
|
124
124
|
print(f"Mitigated count: {mitigated} Total count: {total}")
|
|
125
125
|
remediation_rate_value = self._get_percentage(mitigated / total)
|
|
126
126
|
|
|
127
|
-
risk_threshold = self.
|
|
127
|
+
risk_threshold = self._get_remediation_rate_threshold(total)
|
|
128
128
|
self.remediation_rate = remediation_rate_value
|
|
129
129
|
|
|
130
130
|
if remediation_rate_value >= (risk_threshold + 5):
|
|
@@ -151,6 +151,13 @@ class BreakBuild:
|
|
|
151
151
|
)
|
|
152
152
|
self.break_build = True
|
|
153
153
|
|
|
154
|
+
def _get_remediation_rate_threshold(self, total):
|
|
155
|
+
remediation_rate = self.threshold["REMEDIATION_RATE"]
|
|
156
|
+
for key in sorted(remediation_rate.keys(), key=lambda x: int(x) if x.isdigit() else float('inf')):
|
|
157
|
+
if key.isdigit() and total <= int(key):
|
|
158
|
+
return remediation_rate[key]
|
|
159
|
+
return remediation_rate["other"]
|
|
160
|
+
|
|
154
161
|
def _get_percentage(self, decimal):
|
|
155
162
|
return round(decimal * 100, 3)
|
|
156
163
|
|
|
@@ -186,14 +193,21 @@ class BreakBuild:
|
|
|
186
193
|
or (report.id and report.id == exclusion.id)
|
|
187
194
|
or (report.vm_id and exclusion.id in report.vm_id)
|
|
188
195
|
) and ((exclusion.where in report.where) or (exclusion.where == "all")):
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
|
|
196
|
+
if not exclusion.check_in_desc:
|
|
197
|
+
exclude = True
|
|
198
|
+
else:
|
|
199
|
+
for item in exclusion.check_in_desc:
|
|
200
|
+
if item in report.vul_description:
|
|
201
|
+
exclude = True
|
|
202
|
+
break
|
|
203
|
+
if exclude:
|
|
204
|
+
exclusion_copy = copy.deepcopy(exclusion)
|
|
205
|
+
exclusion_copy.vm_id = report.vm_id
|
|
206
|
+
exclusion_copy.vm_id_url = report.vm_id_url
|
|
207
|
+
exclusion_copy.service = report.service
|
|
208
|
+
exclusion_copy.tags = report.tags
|
|
209
|
+
applied_exclusions.append(exclusion_copy)
|
|
210
|
+
break
|
|
197
211
|
if not exclude:
|
|
198
212
|
report.reason = "Remediation Rate"
|
|
199
213
|
filtered_reports.append(report)
|
|
@@ -1 +1 @@
|
|
|
1
|
-
version = '1.
|
|
1
|
+
version = '1.30.1'
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
2
|
-
devsecops_engine_tools/version.py,sha256
|
|
2
|
+
devsecops_engine_tools/version.py,sha256=-Z19FmkdQ_jlECeqI9Hj7dwXroHxei0kCpMC8yIQA9U,19
|
|
3
3
|
devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
4
4
|
devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
5
5
|
devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -10,7 +10,7 @@ devsecops_engine_tools/engine_core/src/domain/__init__.py,sha256=47DEQpj8HBSa-_T
|
|
|
10
10
|
devsecops_engine_tools/engine_core/src/domain/model/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
11
11
|
devsecops_engine_tools/engine_core/src/domain/model/component.py,sha256=_rWtP0v_lyOZ4s5FGZc0rOJ3eh4AAWuGMaXzSYBcZMU,94
|
|
12
12
|
devsecops_engine_tools/engine_core/src/domain/model/customs_exceptions.py,sha256=YLeOj4O7kNsUx8RD6pwBQdFLYbkm7Eh-F-ohZ3jFGbs,599
|
|
13
|
-
devsecops_engine_tools/engine_core/src/domain/model/exclusions.py,sha256=
|
|
13
|
+
devsecops_engine_tools/engine_core/src/domain/model/exclusions.py,sha256=RjFKIpGVuntnvFZ6GlOYODrChKsUcWxPVQLGeGOeqfo,751
|
|
14
14
|
devsecops_engine_tools/engine_core/src/domain/model/finding.py,sha256=MntDksQuPt1L-1Ww3nK7NbMLfVwRjxPGCN_oHYXbbWk,383
|
|
15
15
|
devsecops_engine_tools/engine_core/src/domain/model/input_core.py,sha256=hc1WMzCwsGxnrlvvk84S5iNYJRDQWbaQP9MwR3N7tVM,422
|
|
16
16
|
devsecops_engine_tools/engine_core/src/domain/model/level_compliance.py,sha256=ntn_UWqHc6sT5g_LozBdjdewTQxFsp7Kt8M0xqw-k_o,98
|
|
@@ -38,7 +38,7 @@ devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/aws/secret
|
|
|
38
38
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
39
39
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/azure_devops.py,sha256=buCBJ6kAg-5b_7P-gWzem6NEMbk5lK9Hx0Zuf-BQfXQ,5090
|
|
40
40
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
41
|
-
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py,sha256
|
|
41
|
+
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py,sha256=93sMR3KZ5NswUn2AcK0RuohslaxIiKWtI3j9DZLyuRk,24583
|
|
42
42
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
43
43
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/github_actions.py,sha256=KCg6tTDncasrRZbB20QiLZNE6TKYkfgQ9zP0wPd3xe0,3925
|
|
44
44
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/printer_pretty_table/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -78,7 +78,7 @@ devsecops_engine_tools/engine_risk/src/domain/model/gateways/__init__.py,sha256=
|
|
|
78
78
|
devsecops_engine_tools/engine_risk/src/domain/model/gateways/add_epss_gateway.py,sha256=cTm4QSxiaUt7ETCdXWZxKEus8pmEDA3e9k5b39SLDDE,178
|
|
79
79
|
devsecops_engine_tools/engine_risk/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
80
80
|
devsecops_engine_tools/engine_risk/src/domain/usecases/add_data.py,sha256=4wqDj-q7hJfJscvrbMDcy7tONqxdxl-CSl_TWTRUGKA,402
|
|
81
|
-
devsecops_engine_tools/engine_risk/src/domain/usecases/break_build.py,sha256=
|
|
81
|
+
devsecops_engine_tools/engine_risk/src/domain/usecases/break_build.py,sha256=qE9giBOR19rI7W084uE0OoPHpYGwKq0yRm4Tz6R10vw,12536
|
|
82
82
|
devsecops_engine_tools/engine_risk/src/domain/usecases/check_threshold.py,sha256=VYdmcbAuNNvdHCegRfvza7YJ8FHbFNyDosrKJrMW93I,765
|
|
83
83
|
devsecops_engine_tools/engine_risk/src/domain/usecases/get_exclusions.py,sha256=1ekBmLK36R3ddkQ40s8teAYvaldG8hnVsacXnWdkKrg,2460
|
|
84
84
|
devsecops_engine_tools/engine_risk/src/domain/usecases/handle_filters.py,sha256=JmeBtO6CMufjYSRpGQU1kPZoW3PnXwVXnl33LSIU3n8,3543
|
|
@@ -317,8 +317,8 @@ devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGax
|
|
|
317
317
|
devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=amYAr9YQfYgR6jK9a2l26z3oovFPQ3FAKmhq6BKhEBA,623
|
|
318
318
|
devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=Z0fdhB3r-dxU0nGSD9zW_B4r2Qol1rUnUCkhFR0U-HQ,487
|
|
319
319
|
devsecops_engine_tools/engine_utilities/utils/utils.py,sha256=_yaXWHN1pi2xFFKg0yKbb4fsK_ZRv7Dk_9N1FtPS72k,5964
|
|
320
|
-
devsecops_engine_tools-1.
|
|
321
|
-
devsecops_engine_tools-1.
|
|
322
|
-
devsecops_engine_tools-1.
|
|
323
|
-
devsecops_engine_tools-1.
|
|
324
|
-
devsecops_engine_tools-1.
|
|
320
|
+
devsecops_engine_tools-1.30.1.dist-info/METADATA,sha256=a88SQ4banyhdEewLZ0CPp1rwmfz780cj4875aItiOmw,11162
|
|
321
|
+
devsecops_engine_tools-1.30.1.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
|
|
322
|
+
devsecops_engine_tools-1.30.1.dist-info/entry_points.txt,sha256=MHCTFFs9bdNKo6YcWCcBW2_8X6yTisgLOlmVx-V8Rxc,276
|
|
323
|
+
devsecops_engine_tools-1.30.1.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
|
|
324
|
+
devsecops_engine_tools-1.30.1.dist-info/RECORD,,
|
|
File without changes
|
{devsecops_engine_tools-1.29.0.dist-info → devsecops_engine_tools-1.30.1.dist-info}/entry_points.txt
RENAMED
|
File without changes
|
{devsecops_engine_tools-1.29.0.dist-info → devsecops_engine_tools-1.30.1.dist-info}/top_level.txt
RENAMED
|
File without changes
|