devsecops-engine-tools 1.30.0__py3-none-any.whl → 1.30.2__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of devsecops-engine-tools might be problematic. Click here for more details.

Files changed (7) hide show
  1. devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py +44 -21
  2. devsecops_engine_tools/version.py +1 -1
  3. {devsecops_engine_tools-1.30.0.dist-info → devsecops_engine_tools-1.30.2.dist-info}/METADATA +1 -1
  4. {devsecops_engine_tools-1.30.0.dist-info → devsecops_engine_tools-1.30.2.dist-info}/RECORD +7 -7
  5. {devsecops_engine_tools-1.30.0.dist-info → devsecops_engine_tools-1.30.2.dist-info}/WHEEL +0 -0
  6. {devsecops_engine_tools-1.30.0.dist-info → devsecops_engine_tools-1.30.2.dist-info}/entry_points.txt +0 -0
  7. {devsecops_engine_tools-1.30.0.dist-info → devsecops_engine_tools-1.30.2.dist-info}/top_level.txt +0 -0
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py CHANGED
@@ -30,7 +30,9 @@ from functools import partial
30
30
 
31
31
  from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
32
32
  from devsecops_engine_tools.engine_utilities import settings
33
- from devsecops_engine_tools.engine_utilities.defect_dojo.domain.serializers.import_scan import ImportScanSerializer
33
+ from devsecops_engine_tools.engine_utilities.defect_dojo.domain.serializers.import_scan import (
34
+ ImportScanSerializer,
35
+ )
34
36
  import time
35
37
  import concurrent.futures
36
38
 
@@ -89,7 +91,9 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
89
91
  if vulnerability_management.dict_args["tool"] == "engine_iac":
90
92
  tags = f"{vulnerability_management.dict_args['tool']}_{'_'.join(vulnerability_management.dict_args['platform'])}"
91
93
 
92
- use_cmdb = vulnerability_management.config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["CMDB"]["USE_CMDB"]
94
+ use_cmdb = vulnerability_management.config_tool[
95
+ "VULNERABILITY_MANAGER"
96
+ ]["DEFECT_DOJO"]["CMDB"]["USE_CMDB"]
93
97
 
94
98
  request = self._build_request_importscan(
95
99
  vulnerability_management,
@@ -98,7 +102,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
98
102
  scan_type_mapping,
99
103
  enviroment_mapping,
100
104
  tags,
101
- use_cmdb
105
+ use_cmdb,
102
106
  )
103
107
 
104
108
  def request_func():
@@ -361,7 +365,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
361
365
  ex
362
366
  )
363
367
  )
364
-
368
+
365
369
  def _build_request_importscan(
366
370
  self,
367
371
  vulnerability_management: VulnerabilityManagement,
@@ -370,7 +374,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
370
374
  scan_type_mapping,
371
375
  enviroment_mapping,
372
376
  tags,
373
- use_cmdb: bool
377
+ use_cmdb: bool,
374
378
  ):
375
379
  common_fields = {
376
380
  "scan_type": scan_type_mapping[vulnerability_management.scan_type],
@@ -386,21 +390,22 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
386
390
  "environment": (
387
391
  enviroment_mapping[vulnerability_management.environment.lower()]
388
392
  if vulnerability_management.environment is not None
389
- and vulnerability_management.environment.lower()
390
- in enviroment_mapping
393
+ and vulnerability_management.environment.lower() in enviroment_mapping
391
394
  else enviroment_mapping["default"]
392
395
  ),
393
396
  "token_defect_dojo": token_dd,
394
397
  "host_defect_dojo": vulnerability_management.config_tool[
395
398
  "VULNERABILITY_MANAGER"
396
399
  ]["DEFECT_DOJO"]["HOST_DEFECT_DOJO"],
397
- "expression": vulnerability_management.config_tool[
398
- "VULNERABILITY_MANAGER"
399
- ]["DEFECT_DOJO"]["CMDB"]["REGEX_EXPRESSION_CMDB"],
400
+ "expression": vulnerability_management.config_tool["VULNERABILITY_MANAGER"][
401
+ "DEFECT_DOJO"
402
+ ]["CMDB"]["REGEX_EXPRESSION_CMDB"],
400
403
  }
401
404
 
402
405
  if use_cmdb:
403
- cmdb_mapping = vulnerability_management.config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["CMDB"]["CMDB_MAPPING"]
406
+ cmdb_mapping = vulnerability_management.config_tool[
407
+ "VULNERABILITY_MANAGER"
408
+ ]["DEFECT_DOJO"]["CMDB"]["CMDB_MAPPING"]
404
409
  return Connect.cmdb(
405
410
  cmdb_mapping={
406
411
  "product_type_name": cmdb_mapping["PRODUCT_TYPE_NAME"],
@@ -412,19 +417,21 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
412
417
  compact_remote_config_url=f'{vulnerability_management.base_compact_remote_config_url}{vulnerability_management.config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["CMDB"]["CMDB_MAPPING_PATH"]}',
413
418
  personal_access_token=vulnerability_management.access_token,
414
419
  token_cmdb=token_cmdb,
415
- host_cmdb=vulnerability_management.config_tool[
420
+ host_cmdb=vulnerability_management.config_tool["VULNERABILITY_MANAGER"][
421
+ "DEFECT_DOJO"
422
+ ]["CMDB"]["HOST_CMDB"],
423
+ cmdb_request_response=vulnerability_management.config_tool[
416
424
  "VULNERABILITY_MANAGER"
417
- ]["DEFECT_DOJO"]["CMDB"]["HOST_CMDB"],
418
- cmdb_request_response=vulnerability_management.config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["CMDB"]["CMDB_REQUEST_RESPONSE"],
425
+ ]["DEFECT_DOJO"]["CMDB"]["CMDB_REQUEST_RESPONSE"],
419
426
  **common_fields,
420
427
  )
421
428
  else:
422
429
  request: ImportScanRequest = ImportScanSerializer().load(
423
430
  {
424
- "product_type_name":vulnerability_management.vm_product_type_name,
431
+ "product_type_name": vulnerability_management.vm_product_type_name,
425
432
  "product_name": vulnerability_management.vm_product_name,
426
- "product_description":vulnerability_management.vm_product_description,
427
- "code_app":vulnerability_management.vm_product_name,
433
+ "product_description": vulnerability_management.vm_product_description,
434
+ "code_app": vulnerability_management.vm_product_name,
428
435
  **common_fields,
429
436
  }
430
437
  )
@@ -535,9 +542,17 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
535
542
 
536
543
  def _create_exclusion(self, finding, date_fn, tool, reason):
537
544
  create_date, expired_date = self._date_reason_based(finding, date_fn, reason)
538
-
545
+
539
546
  return Exclusions(
540
- id=finding.vuln_id_from_tool if finding.vuln_id_from_tool else finding.vulnerability_ids[0]["vulnerability_id"],
547
+ id=(
548
+ finding.vuln_id_from_tool
549
+ if finding.vuln_id_from_tool
550
+ else (
551
+ finding.vulnerability_ids[0]["vulnerability_id"]
552
+ if finding.vulnerability_ids
553
+ else ""
554
+ )
555
+ ),
541
556
  where=self._get_where(finding, tool),
542
557
  create_date=create_date,
543
558
  expired_date=expired_date,
@@ -549,7 +564,11 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
549
564
  create_date, expired_date = self._date_reason_based(finding, date_fn, reason)
550
565
 
551
566
  return Exclusions(
552
- id=finding.vuln_id_from_tool if finding.vuln_id_from_tool else finding.vulnerability_ids[0]["vulnerability_id"],
567
+ id=(
568
+ finding.vuln_id_from_tool
569
+ if finding.vuln_id_from_tool
570
+ else finding.id[0]["vulnerability_id"] if finding.id else ""
571
+ ),
553
572
  where=self._get_where(finding, tool),
554
573
  create_date=create_date,
555
574
  expired_date=expired_date,
@@ -604,7 +623,11 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
604
623
 
605
624
  def _get_where(self, finding, tool):
606
625
  if tool == "engine_dependencies":
607
- return finding.component_name.replace("_", ":") + ":" + finding.component_version
626
+ return (
627
+ finding.component_name.replace("_", ":")
628
+ + ":"
629
+ + finding.component_version
630
+ )
608
631
  elif tool == "engine_container":
609
632
  return finding.component_name + ":" + finding.component_version
610
633
  elif tool == "engine_dast":
devsecops_engine_tools/version.py CHANGED
@@ -1 +1 @@
1
- version = '1.30.0'
1
+ version = '1.30.2'
{devsecops_engine_tools-1.30.0.dist-info → devsecops_engine_tools-1.30.2.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: devsecops-engine-tools
3
- Version: 1.30.0
3
+ Version: 1.30.2
4
4
  Summary: Tool for DevSecOps strategy
5
5
  Home-page: https://github.com/bancolombia/devsecops-engine-tools
6
6
  Author: Bancolombia DevSecOps Team
{devsecops_engine_tools-1.30.0.dist-info → devsecops_engine_tools-1.30.2.dist-info}/RECORD RENAMED
@@ -1,5 +1,5 @@
1
1
  devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
2
- devsecops_engine_tools/version.py,sha256=oo1yHf1CRi6O5E5xy2YzgfrX7VxG1rFcHuyXmWu_iPQ,19
2
+ devsecops_engine_tools/version.py,sha256=QZYYG97jDk2EtK7v0CNUVwwZqOg9qP-xrf5aus8iFlY,19
3
3
  devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
4
4
  devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
5
5
  devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -38,7 +38,7 @@ devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/aws/secret
38
38
  devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
39
39
  devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/azure_devops.py,sha256=buCBJ6kAg-5b_7P-gWzem6NEMbk5lK9Hx0Zuf-BQfXQ,5090
40
40
  devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
41
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py,sha256=-_Cuc4B5nhdLJVOXUfT6UwsdHdGNKv97piPbXl6snOc,24598
41
+ devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py,sha256=35J9vfiGYJV_JMUum4ji7nj-DLRcnZhf9DKY2FkcmKY,24998
42
42
  devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
43
43
  devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/github_actions.py,sha256=KCg6tTDncasrRZbB20QiLZNE6TKYkfgQ9zP0wPd3xe0,3925
44
44
  devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/printer_pretty_table/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -317,8 +317,8 @@ devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGax
317
317
  devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=amYAr9YQfYgR6jK9a2l26z3oovFPQ3FAKmhq6BKhEBA,623
318
318
  devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=Z0fdhB3r-dxU0nGSD9zW_B4r2Qol1rUnUCkhFR0U-HQ,487
319
319
  devsecops_engine_tools/engine_utilities/utils/utils.py,sha256=_yaXWHN1pi2xFFKg0yKbb4fsK_ZRv7Dk_9N1FtPS72k,5964
320
- devsecops_engine_tools-1.30.0.dist-info/METADATA,sha256=YCHin9RlQq1V5L9TsTPhA6crFm6sOnguyxtqofW8Kqs,11162
321
- devsecops_engine_tools-1.30.0.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
322
- devsecops_engine_tools-1.30.0.dist-info/entry_points.txt,sha256=MHCTFFs9bdNKo6YcWCcBW2_8X6yTisgLOlmVx-V8Rxc,276
323
- devsecops_engine_tools-1.30.0.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
324
- devsecops_engine_tools-1.30.0.dist-info/RECORD,,
320
+ devsecops_engine_tools-1.30.2.dist-info/METADATA,sha256=1JGcYhIWKK_8Nt2XcaRp_5U1HhWKrx3yOVKfxKb8ULo,11162
321
+ devsecops_engine_tools-1.30.2.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
322
+ devsecops_engine_tools-1.30.2.dist-info/entry_points.txt,sha256=MHCTFFs9bdNKo6YcWCcBW2_8X6yTisgLOlmVx-V8Rxc,276
323
+ devsecops_engine_tools-1.30.2.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
324
+ devsecops_engine_tools-1.30.2.dist-info/RECORD,,