Nosey Parker description fixes #9856

Merged (1 commit) on May 20, 2024

Contributor

@tpat13 tpat13 commented Apr 1, 2024

Current issue with the Nosey Parker parser:

The parser currently grabs a code snippet for the secret found in source code. This code snippet is taken directly from the Nosey Parker JSONL output. However, in some cases, secrets are printed out in Defect Dojo (in plaintext) if they are in the line before and after the matching secret.

Checklist

This checklist is for your information.

  • Make sure to rebase your PR against the very latest dev.
  • Features/Changes should be submitted against the dev.
  • Give a meaningful name to your PR, as it may end up being used in the release notes.
  • Your code is flake8 compliant.
  • Your code is python 3.11 compliant.

@github-actions github-actions bot added docker New Migration Adding a new migration file. Take care when merging. settings_changes Needs changes to settings.py based on changes in settings.dist.py included in this PR apiv2 docs unittests integration_tests ui parser helm labels Apr 1, 2024
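
The leak described in the PR description above, shown as an added example; this is not code from the PR or from DefectDojo's parser. The record layout (`rule_name`, `matches`, `snippet.before/matching/after`, `provenance`, `location`) is an assumed shape of a Nosey Parker JSONL line, both function names are hypothetical, and every value is constructed.

```python
import json

# Constructed sample: one JSONL record in the assumed layout. All values are fake.
SAMPLE_LINE = json.dumps({
    "rule_name": "Generic API Key",
    "matches": [{
        "provenance": [{"kind": "file", "path": "app/settings.py"}],
        "location": {"source_span": {"start": {"line": 12}}},
        "snippet": {
            "before": "DB_PASSWORD = 'constructed-db-pass-111'\nAPI_KEY = '",
            "matching": "constructed-api-key-222",
            "after": "'\nSMTP_PASSWORD = 'constructed-smtp-pass-333'",
        },
    }],
})


def mask(text, keep=4):
    """Keep the first `keep` characters and replace the rest with '*'."""
    return text[:keep] + "*" * max(len(text) - keep, 0)


def describe_with_context(line):
    """Leaky variant: copies before/matching/after into the description."""
    out = []
    for m in json.loads(line).get("matches", []):
        s = m["snippet"]
        out.append("Code snippet:\n" + s.get("before", "")
                   + s["matching"] + s.get("after", ""))
    return out


def describe_without_context(line):
    """Safer variant: rule, location and a masked match; no neighbouring lines."""
    record = json.loads(line)
    out = []
    for m in record.get("matches", []):
        path = m["provenance"][0].get("path", "unknown")
        line_no = m["location"]["source_span"]["start"]["line"]
        out.append(
            f"Rule: {record['rule_name']}\n"
            f"Location: {path}:{line_no}\n"
            f"Match (masked): {mask(m['snippet']['matching'])}"
        )
    return out
```
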
dryrunsecurity bot commented Apr 1, 2024

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

DryRun Security findings by analyzer:

  • Sensitive Functions Analyzer: 0 findings
  • Configured Sensitive Files Analyzer: 1 findings
  • Sensitive Files Analyzer: 3 findings

Note

🔴 Risk threshold exceeded. Adding a reviewer if one is configured in .dryrunsecurity.yaml.

notification list: @mtesauro @grendel513

Tip

Get answers to your security questions. Add a comment in this PR starting with @DryRunSecurity. For example...

@dryrunsecurity What are common security issues with web application cookies?

Powered by DryRun Security

@tpat13 tpat13 changed the base branch from master to dev April 1, 2024 17:41
@tpat13 tpat13 changed the title Nosey parker fixes Nosey parker description fixes Apr 1, 2024
@tpat13 tpat13 changed the title Nosey parker description fixes Nosey Parker description fixes Apr 1, 2024
@tpat13 tpat13 marked this pull request as ready for review April 2, 2024 12:54
Contributor

@mtesauro mtesauro left a comment

Approved

@github-actions github-actions bot removed docker New Migration Adding a new migration file. Take care when merging. settings_changes Needs changes to settings.py based on changes in settings.dist.py included in this PR apiv2 docs unittests integration_tests ui helm labels Apr 8, 2024
@tpat13 tpat13 marked this pull request as draft April 8, 2024 13:57
@tpat13 tpat13 marked this pull request as ready for review April 26, 2024 19:22
@Maffooch Maffooch merged commit bdbf977 into DefectDojo:dev May 20, 2024
119 of 120 checks passed