update according to #13261

Author: manuel-sommer

dojo/db_migrations/0243_finding_fix_version.py

@@ -433,7 +433,7 @@ def process_matched_mitigated_finding(
         """
         if existing_finding.fix_available != unsaved_finding.fix_available:
             existing_finding.fix_available = unsaved_finding.fix_available
-            existing_finding.fix_version = unsaved_finding.fix_version
+            existing_finding.planned_remediation_version = unsaved_finding.planned_remediation_version
 
         # if the reimported item has a mitigation time, we can compare
         if unsaved_finding.is_mitigated:
@@ -543,7 +543,7 @@ def process_matched_active_finding(
             logger.debug("Reimported item matches a finding that is currently open.")
             if existing_finding.fix_available != unsaved_finding.fix_available:
                 existing_finding.fix_available = unsaved_finding.fix_available
-                existing_finding.fix_version = unsaved_finding.fix_version
+                existing_finding.planned_remediation_version = unsaved_finding.planned_remediation_version
             if unsaved_finding.is_mitigated:
                 logger.debug("Reimported mitigated item matches a finding that is currently open, closing.")
                 # TODO: Implement a date comparison for opened defectdojo findings before closing them by reimporting,

dojo/importers/default_reimporter.py

@@ -2416,11 +2416,6 @@ class Finding(models.Model):
                                         default=None,
                                         verbose_name=_("Fix Available"),
                                         help_text=_("Denotes if there is a fix available for this flaw."))
-    fix_version = models.CharField(null=True,
-                                         blank=True,
-                                         max_length=100,
-                                         verbose_name=_("Fix version"),
-                                         help_text=_("Version of the affected component in which the flaw is fixed."))
     impact = models.TextField(verbose_name=_("Impact"),
                                 null=True,
                                 blank=True,

dojo/models.py

@@ -557,9 +557,9 @@ <h3 class="pull-left finding-title">
                 <th>Component Version</th>
                 {% endif %}
                 {% if finding.fix_available %}
-                <th>Fix Available</th>
+                <th>Planned remediation verion</th>
                 {% endif %}
-                {% if finding.fix_version %}
+                {% if finding.planned_remediation_version %}
                 <th>Fixed Version</th>
                 {% endif %}
                 {% if finding.has_jira_configured or finding.jira_issue %}
@@ -628,10 +628,10 @@ <h3 class="pull-left finding-title">
                     </span>
                 </td>
                 {% endif %}
-                {% if finding.fix_version %}
+                {% if finding.planned_remediation_version %}
                 <td>
                     <span>
-                        {{ finding.fix_version }}
+                        {{ finding.planned_remediation_version }}
                     </span>
                 </td>
                 {% endif %}

dojo/templates/dojo/view_finding.html

@@ -122,17 +122,17 @@ def get_findings(self, file, test):
 
             finding_mitigation = None
             fix_available = False
-            fix_version = None
+            planned_remediation_version = None
             if vuln_fix_versions:
                 fix_available = True
                 finding_mitigation = "Upgrade to version:"
                 if len(vuln_fix_versions) == 1:
                     finding_mitigation += f" {vuln_fix_versions[0]}"
-                    fix_version = vuln_fix_versions[0]
+                    planned_remediation_version = vuln_fix_versions[0]
                 else:
-                    fix_version = ", ".join(vuln_fix_versions)
-                    for fix_version in vuln_fix_versions:
-                        finding_mitigation += f"\n- {fix_version}"
+                    planned_remediation_version = ", ".join(vuln_fix_versions)
+                    for planned_remediation_version in vuln_fix_versions:
+                        finding_mitigation += f"\n- {planned_remediation_version}"
 
             finding_references = ""
             if vuln_datasource:
@@ -206,7 +206,7 @@ def get_findings(self, file, test):
                     nb_occurences=1,
                     file_path=file_path,
                     fix_available=fix_available,
-                    fix_version=fix_version,
+                    planned_remediation_version=planned_remediation_version,
                 )
                 dupes[dupe_key].unsaved_vulnerability_ids = vulnerability_ids
 

dojo/tools/anchore_grype/parser.py

@@ -1701,7 +1701,7 @@ def test_import_reimport_fix_available(self):
         findings = Finding.objects.filter(test=test)
         self.assertEqual(1, len(findings))
         self.assertEqual(False, findings[0].fix_available)
-        self.assertEqual(None, findings[0].fix_version)
+        self.assertEqual(None, findings[0].planned_remediation_version)
 
         test_type = Test_Type.objects.get(name=self.anchore_grype_scan_type)
         reimport_test = Test(
@@ -1716,7 +1716,7 @@ def test_import_reimport_fix_available(self):
         findings = Finding.objects.filter(test=reimport_test)
         self.assertEqual(1, len(findings))
         self.assertEqual(True, findings[0].fix_available)
-        self.assertEqual("1.2.3", findings[0].fix_version)
+        self.assertEqual("1.2.3", findings[0].planned_remediation_version)
 
     def test_import_history_reactivated_and_untouched_findings_do_not_mix(self):
         import0 = self.import_scan_with_params(self.generic_import_1, scan_type=self.scan_type_generic)

unittests/test_import_reimport.py

@@ -272,15 +272,15 @@ def test_grype_fix_not_available(self):
             findings = parser.get_findings(testfile, Test())
             self.assertEqual(1, len(findings))
             self.assertEqual(findings[0].fix_available, False)
-            self.assertEqual(findings[0].fix_version, None)
+            self.assertEqual(findings[0].planned_remediation_version, None)
 
     def test_grype_fix_available(self):
         with (get_unit_tests_scans_path("anchore_grype") / "fix_available.json").open(encoding="utf-8") as testfile:
             parser = AnchoreGrypeParser()
             findings = parser.get_findings(testfile, Test())
             self.assertEqual(1, len(findings))
             self.assertEqual(findings[0].fix_available, True)
-            self.assertEqual(findings[0].fix_version, "1.2.3")
+            self.assertEqual(findings[0].planned_remediation_version, "1.2.3")
 
     def test_grype_issue_9942(self):
         with (get_unit_tests_scans_path("anchore_grype") / "issue_9942.json").open(encoding="utf-8") as testfile: