forked from factionsecurity/faction
[pull] main from factionsecurity:main #30
Open: pull wants to merge 200 commits into jakuta-tech:main from factionsecurity:main
* remove details when deleting a vuln
* adding random id to uploads and setting empty vulns
* bugfix in scheduling
- Automatically Create assessment type when uploading an assessment
- Set vulns to empty array when creating the assessment via upload
- Bugfixes in scheduling UI
- Events added to table multiple times
* [maven-release-plugin] prepare release 1.2.6
* [maven-release-plugin] prepare for next development iteration

Bumps [org.apache.struts:struts2-core](https://github.com/apache/struts) from 2.5.32 to 2.5.33.
- [Release notes](https://github.com/apache/struts/releases)
- [Commits](https://github.com/apache/struts/commits)

---
updated-dependencies:
- dependency-name: org.apache.struts:struts2-core
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* adding new vuln would copy text from last vuln
* replacing the text editor
* adding editors to overview
* fix undo bug in toast
* adding toast to engagement
* updating struts
* fixing char encoding issue
* fixing charset issues
* updating default vuln text editor
* updating templates with toastui
* replace editor and fix bugs in multi page table
* save should be based on id
* save should be based on id
* fix issue #61
* reproduction with unit test for issue 61 (#62)
* fix compilation error
* getVulns() uses GetType() so type must be set before
* add reproduction unittest for textbox issue
---------
Co-authored-by: Josh <[email protected]>
* update text editors and ui bugs in remediation
* updating text editor on retests and verification edit
* fix possible vuln XXE
* fix possible vuln XXE
* remove deprecated code
* update docx4j and remove unneeded libs
* remove unneeded code
* Remove unneeded code
* cleanup
* cleanup
* cleanup
* cleanup
* fix possible xss
* random js errors
* javascript and css cleanup
* remediation updates
* fixing remediation sorting
* fixing editors and prevent closing verification when 'in retest'
* fixing editors and prevent closing verification when 'in retest'
* fix bad config that hides the app store
* adding indicators on verifications
* fix issue with saving and loading custom fields in vulns
* fix broken history in assessment
* fixing select2
* adding vuln search
* add multiple notes to an assessment
* wip-getting multiple notes working
* fix issue with cvss and test reports
* organize locks and add note locks
* almost finished backend and javascript for note edit blocking
* prerelease files
* fix struts convention errors on boot
* remove example code
* upgrade convention plugin
* wip - getting retest reports back
* Remove Report code from this action
* Ensure default values that could break report generation
* Move Report functions to a single class
* update reporting url
* wip - generating retest reports
* adding report tables to
ux in remediation flows
* update verification edit to gen retest reports
* wip - downloading all reports
* downloading retest reports
* adding retest report generation to vulns
* fix css issue on smaller screens
* adding reports to retests
* Generate Retest Report in Notifications
* code clean up
* wip - new Remediation workflow
* integration of new workflow
* remediation integration bugs
* finish integrating new remediation workflow
* update notes pages
* updating retest report templates
---------
Co-authored-by: Thomas Moerkerken <[email protected]>

* remove SAML setting
* sending calendar invites
* sending calendar invites
* show correct rt fields in schedule
* sending calendar invites
* show correct rt fields in schedule
* Adding Status Col to dashboard
* sending calendar invites
* Adding Status to Assessment Queue
* Adding Status to Assessment Queue
* fixing email invite options
* adding features for invite integration
* change name
* fixing issue #108
* adding userdefined variables to default vulns
* bugfix: auto saving vuln from template
* fix issue with images being undefined
* possible js scoping issue

…110)

BUG: Severities for Default Vulnerabilities uploaded from APIs are ignored because they are recalculated starting from the CVSS score even if it is not provided. This causes all vulnerabilities uploaded from APIs to be assigned an overall Recommended risk.

Solution: Recalculate severity based on CVSS only if no severity is provided from the API. Prompt to provide a severity or CVSS for Default Vulnerabilities without them.

* bugfix: email validation
* bugfix: screen jumps when adding a new vuln
* bugfix: extra char in default richtext fields
* bugfix: can't edit user-defined vars in assessment edit
* bugfix: reports break if remediation user is removed
* wip:status
* fix status and styling
* feature: status integrations
* adding status workflows
* adding manager dashboards
* dashboard-wip
* manager-dashboard-wip
* adding ms enterprise links
* fix assessment bar chart colors
* finishing the manager dashboard
* fixing issue #111
* allow custom fields via api per #114
* updated vulns should return vids
* report sections in api
* report section validations in api
* report section validations in api
* adding cve database to the search
* add center, image border, and bugfixes
* fixing loaded disabled extensions
* fix issues with api
* code clean up
* apply status migration
* [maven-release-plugin] prepare release 1.7.0
* [maven-release-plugin] prepare for next development iteration

Added sections for community involvement and contributing guidelines.
Updated email contact for extension submissions.
See Commits and Changes for more details.
Created by pull[bot]