Skip to content

importers: clean tags before saving #12811

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 12 commits into from
Jul 21, 2025
Merged

importers: clean tags before saving #12811

merged 12 commits into from
Jul 21, 2025

Conversation

valentijnscholten
Copy link
Member

Some parsers such as the sysdig parsers were inserting spaces into tags. This violates the validation rules introduced recently.

This PR:

  • Changes Sysdig parser to not insert spaces
  • Changes import and reimport to replace invalid characters in tags with '_' using a new clean_tags function
  • Changes Sysdig parser to use the clean_tags function (as an example)

In general we want to improve data validation for import/reimport which we'll be looking at next. For now we wanted to do a specific fix for the sysdig parsers and general tags usage. But we didn't want to completely block on any invalid characters in tags as they might appear in place where the user has little or no control.

For other fields there is the same risk. So validating all fields and raising errors or skipping invalid findings is for a next PR in a monthly release where we can test various cases and provide informtion in the release notes/upgrade notes.

@valentijnscholten valentijnscholten added this to the 2.48.3 milestone Jul 20, 2025
@github-actions github-actions bot added New Migration Adding a new migration file. Take care when merging. settings_changes Needs changes to settings.py based on changes in settings.dist.py included in this PR apiv2 docs unittests ui parser helm labels Jul 20, 2025
@valentijnscholten valentijnscholten changed the base branch from master to bugfix July 20, 2025 08:18
@valentijnscholten valentijnscholten marked this pull request as ready for review July 20, 2025 08:19
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Jul 20, 2025
edited
Loading

DryRun Security

No security concerns detected in this pull request.

All finding details can be found in the DryRun Security Dashboard.

@github-actions github-actions bot removed settings_changes Needs changes to settings.py based on changes in settings.dist.py included in this PR apiv2 ui helm labels Jul 20, 2025
mtesauro
mtesauro approved these changes Jul 21, 2025
View reviewed changes
Copy link
Contributor

@mtesauro mtesauro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved

@valentijnscholten valentijnscholten marked this pull request as draft July 21, 2025 07:17
@valentijnscholten valentijnscholten marked this pull request as ready for review July 21, 2025 15:31
@valentijnscholten valentijnscholten modified the milestones: 2.48.3, 2.48.2 Jul 21, 2025
@Maffooch Maffooch merged commit a2863b9 into DefectDojo:bugfix Jul 21, 2025
86 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mtesauro mtesauro mtesauro approved these changes

@rossops rossops rossops approved these changes

@Maffooch Maffooch Maffooch approved these changes

@Jino-T Jino-T Jino-T approved these changes

Assignees
No one assigned
Labels
docs New Migration Adding a new migration file. Take care when merging. parser unittests
Projects
None yet
Milestone
2.48.2
Development

Successfully merging this pull request may close these issues.
5 participants
@valentijnscholten @mtesauro @rossops @Maffooch @Jino-T