Merge pull request #4234 from DefectDojo/release/1.14.1

valentijnscholten · web-flow · commit 96f2f34814b4 · 2021-04-08T19:59:44.000+02:00
Release/1.14.1
diff --git a/components/package.json b/components/package.json
@@ -1,6 +1,6 @@
 {
   "name": "DefectDojo",
-  "version": "1.14.0",
+  "version": "1.14.1",
   "dependencies": {
     "JUMFlot": "jumjum123/JUMFlot#*",
     "bootstrap": "^3.4.0",
diff --git a/dojo/__init__.py b/dojo/__init__.py
@@ -6,6 +6,6 @@
 
 default_app_config = 'dojo.apps.DojoAppConfig'
 
-__version__ = '1.14.0'
+__version__ = '1.14.1'
 __url__ = 'https://github.com/DefectDojo/django-DefectDojo'
 __docs__ = 'https://defectdojo.github.io/django-DefectDojo/'
diff --git a/dojo/forms.py b/dojo/forms.py
@@ -1783,7 +1783,7 @@ def clean(self):
         form_data = self.cleaned_data
 
         try:
-            jira = jira_helper.get_jira_connection_raw(form_data['url'], form_data['username'], form_data['password'], validate=True)
+            jira = jira_helper.get_jira_connection_raw(form_data['url'], form_data['username'], form_data['password'])
             logger.debug('valid JIRA config!')
         except Exception as e:
             # form only used by admins, so we can show full error message using str(e) which can help debug any problems
@@ -1810,7 +1810,7 @@ def clean(self):
         form_data = self.cleaned_data
 
         try:
-            jira = jira_helper.get_jira_connection_raw(form_data['url'], form_data['username'], form_data['password'], validate=True)
+            jira = jira_helper.get_jira_connection_raw(form_data['url'], form_data['username'], form_data['password'],)
             logger.debug('valid JIRA config!')
         except Exception as e:
             # form only used by admins, so we can show full error message using str(e) which can help debug any problems
diff --git a/dojo/jira_link/helper.py b/dojo/jira_link/helper.py
@@ -311,12 +311,12 @@ def has_jira_configured(obj):
     return get_jira_project(obj) is not None
 
 
-def get_jira_connection_raw(jira_server, jira_username, jira_password, validate=False):
+def get_jira_connection_raw(jira_server, jira_username, jira_password):
     try:
         jira = JIRA(server=jira_server,
                 basic_auth=(jira_username, jira_password),
                 options={"verify": settings.JIRA_SSL_VERIFY},
-                max_retries=0, validate=validate)
+                max_retries=0)
 
         logger.debug('logged in to JIRA ''%s'' successfully', jira_server)
 
diff --git a/dojo/jira_link/views.py b/dojo/jira_link/views.py
@@ -217,7 +217,7 @@ def express_new_jira(request):
             jira_password = jform.cleaned_data.get('password')
 
             try:
-                jira = jira_helper.get_jira_connection_raw(jira_server, jira_username, jira_password, validate=True)
+                jira = jira_helper.get_jira_connection_raw(jira_server, jira_username, jira_password)
             except Exception as e:
                 logger.exception(e)  # already logged in jira_helper
                 messages.add_message(request,
@@ -301,7 +301,7 @@ def new_jira(request):
             jira_password = jform.cleaned_data.get('password')
 
             logger.debug('calling get_jira_connection_raw')
-            jira = jira_helper.get_jira_connection_raw(jira_server, jira_username, jira_password, validate=True)
+            jira = jira_helper.get_jira_connection_raw(jira_server, jira_username, jira_password)
 
             new_j = jform.save(commit=False)
             new_j.url = jira_server
@@ -342,7 +342,7 @@ def edit_jira(request, jid):
                 # on edit the password is optional
                 jira_password = jira_password_from_db
 
-            jira = jira_helper.get_jira_connection_raw(jira_server, jira_username, jira_password, validate=True)
+            jira = jira_helper.get_jira_connection_raw(jira_server, jira_username, jira_password)
 
             new_j = jform.save(commit=False)
             new_j.url = jira_server
diff --git a/dojo/unittests/test_jira_config_product.py b/dojo/unittests/test_jira_config_product.py
@@ -48,9 +48,9 @@ def setUp(self):
     def add_jira_instance(self, data, jira_mock):
         response = self.client.post(reverse('add_jira'), urlencode(data), content_type='application/x-www-form-urlencoded')
         # check that storing a new config triggers a login call to JIRA
-        call_1 = call(data['url'], data['username'], data['password'], validate=True)
-        call_2 = call(data['url'], data['username'], data['password'], validate=True)
-        # jira_mock.assert_called_once_with(data['url'], data['username'], data['password'], validate=True)
+        call_1 = call(data['url'], data['username'], data['password'])
+        call_2 = call(data['url'], data['username'], data['password'])
+        # jira_mock.assert_called_once_with(data['url'], data['username'], data['password'])
         jira_mock.assert_has_calls([call_1, call_2])
         # succesful, so should redirect to list of JIRA instances
         self.assertRedirects(response, '/jira')
@@ -85,7 +85,7 @@ def test_add_jira_instance_unknown_host(self):
 
         # test raw connection error
         with self.assertRaises(requests.exceptions.RequestException):
-            jira = jira_helper.get_jira_connection_raw(data['url'], data['username'], data['password'], validate=True)
+            jira = jira_helper.get_jira_connection_raw(data['url'], data['username'], data['password'])
 
     @patch('dojo.jira_link.views.jira_helper.get_jira_connection_raw')
     def test_add_jira_instance_invalid_credentials(self, jira_mock):
diff --git a/dojo/unittests/tools/test_safety_parser.py b/dojo/unittests/tools/test_safety_parser.py
@@ -10,15 +10,12 @@ def test_example_report(self):
         parser = SafetyParser()
         findings = parser.get_findings(testfile, Test())
         self.assertEqual(3, len(findings))
-        for item in findings:
-            self.assertIsNotNone(item.cve)
 
     def test_no_cve(self):
         testfile = open("dojo/unittests/scans/safety/no_cve.json")
         parser = SafetyParser()
         findings = parser.get_findings(testfile, Test())
         self.assertEqual(1, len(findings))
-        self.assertIsNone(findings[0].cve)
 
     def test_empty_report(self):
         testfile = open("dojo/unittests/scans/safety/empty.json")
@@ -31,9 +28,6 @@ def test_multiple_cves(self):
         parser = SafetyParser()
         findings = parser.get_findings(testfile, Test())
         self.assertEqual(1, len(findings))
-        for finding in findings:
-            if "37863" == finding.unique_id_from_tool:
-                self.assertIsNone(finding.cve)
 
     def test_multiple2(self):
         testfile = open("dojo/unittests/scans/safety/many_vulns.json")
@@ -44,6 +38,3 @@ def test_multiple2(self):
             if "39608" == finding.unique_id_from_tool:
                 self.assertEqual("httplib2", finding.component_name)
                 self.assertEqual("0.18.1", finding.component_version)
-                self.assertEqual("CVE-2021-21240", finding.cve)
-            elif "39525" == finding.unique_id_from_tool:
-                self.assertIsNone(finding.cve)
diff --git a/helm/defectdojo/Chart.yaml b/helm/defectdojo/Chart.yaml
@@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: "1.14.0"
+appVersion: "1.14.1"
 description: A Helm chart for Kubernetes to install DefectDojo
 name: defectdojo
 version: 1.5.1
diff --git a/setup.py b/setup.py
@@ -4,7 +4,7 @@
 
 setup(
     name='DefectDojo',
-    version='1.14.0',
+    version='1.14.1',
     author='Greg Anderson',
     description="Tool for managing vulnerability engagements",
     install_requires=[

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "DefectDojo",`
`3`		`- "version": "1.14.0",`
	`3`	`+ "version": "1.14.1",`
`4`	`4`	`"dependencies": {`
`5`	`5`	`"JUMFlot": "jumjum123/JUMFlot#*",`
`6`	`6`	`"bootstrap": "^3.4.0",`