maibornwolff / dd-import Goto Github PK
View Code? Open in Web Editor NEWA utility to (re-)import findings and language data into DefectDojo
License: BSD 3-Clause "New" or "Revised" License
A utility to (re-)import findings and language data into DefectDojo
License: BSD 3-Clause "New" or "Revised" License
Hi, firstly, thank you for creating and maintaining this project.
I'd like to request a feature: project types are created automatically, if they are missing.
I'm using GitLab groups as Product Types. My users like to create new groups regularly. It would be great if this synced automatically.
If you are fine with this idea, I'm happy to contribute appropriate changes.
Hi, I developed a workaround to set extra headers on the request to defect dojo for the reason that I cannot make requests directly to Defect Dojo because it is behind a Zero Trust solution that requires authentication, it is useful for me and I guess it will be a common deployment scenario.
DD_EXTRA_HEADER_1
DD_EXTRA_HEADER_1_VALUE
DD_EXTRA_HEADER_2
DD_EXTRA_HEADER_2_VALUE
So I opened this pull request: #101
Line 98 in 6e572d7
if self.environment.build_id is not None or \
self.environment.commit_hash is not None or \
self.environment.commit_hash is not None:
I believe the last check should be self.environment.branch_tag
shouldn't it?
Hi Team,
Thank you for all your work on this tool. I was wondering why the engagement end date for engagements created by the import are defaulted to the year 2999, I am new to DefectDojo and was wondering if this was a best practice or intended workflow for CI/CD engagements. I see the code here is where these values are being defined https://github.com/MaibornWolff/dd-import/blob/main/dd_import/dd_api.py#L103-L104, happy to put in a PR to make these environment variables as it serves my use case but was looking for more insight into why this was setup this way.
Best,
J
Hi folk,
I dont know how to make a pull request here.
From API ver 2.30.2, they remove the APIv2 and pump to APIv2 OA3.
We should change from;
https://github.com/MaibornWolff/dd-import/blob/main/dd_import/dd_api.py#L43
/api/v2/
to
/api/v2/oa3/
Thanks
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.