New optional per project property "defectdojo.testTitle"
When property is set, the given test title will be set in DefectDojo
Signed-off-by: Andre Schlegel-Tylla <andre.schlegel-tylla@virtimo.de>
While HTTP headers are case-insensitive, these changes align the examples with the rest of the documentation and source code.
Signed-off-by: Steven Buccini <steven@stevenbuccini.com>
Remove deprecation notice for unauthenticated access to the Badge API,
as the use of API keys for authenticated access comes with risks too
that the maintainer of the DT instance has to weigh against the use of
unauthenticated access which does not use API keys.
Signed-off-by: Kirill.Sybin <kirill.sybin@lex-com.net>
If uploaded BOM is invalid, dispatches a notification with InvalidBomProblemDetails before
throwing the respective exception
Signed-off-by: Aravind Parappil <aravindparappil@gmail.com>
* Add BOM_PROCESSING_FAILED notification
A new notification is sent if the notification rule includes the
notification group BOM_PROCESSING_FAILED and if an error happens during
the upload of a BOM.
Signed-off-by: RBickert <rbt@mm-software.com>
* Add project url and exception to new notification
Signed-off-by: RBickert <rbt@mm-software.com>
* Add BOM format and specVersion
Detach `bomProcessingFailedProject`
Rename `exception` to `cause`
Signed-off-by: RBickert <rbt@mm-software.com>
---------
Signed-off-by: RBickert <rbt@mm-software.com>
* fix alias mapping in export
Signed-off-by: Lars Meijers <Lars.Meijers@netcetera.com>
* bumped FPF version in test
Signed-off-by: Lars Meijers <Lars.Meijers@netcetera.com>
---------
Signed-off-by: Lars Meijers <Lars.Meijers@netcetera.com>
Closes#2469
* Add latest version value to a finding's component
Signed-off-by: RBickert <rbt@mm-software.com>
* Add test for `component.latestVersion` in Finding
Signed-off-by: RBickert <rbt@mm-software.com>
* Add new `finding.component.latestVersion` to docs
Signed-off-by: RBickert <rbt@mm-software.com>
Signed-off-by: RBickert <rbt@mm-software.com>
Notification template enhancement as described in #275. Allow publisher metadata propagation to implementing classes (e.g. MIME type)
Signed-off-by: Alioune SY <sy_alioune@yahoo.fr>
* Add sample for `POLICY_VIOLATION`
* Correct `cwe` field for vulnerability objects
Also fix wording in changelog
Signed-off-by: nscuro <nscuro@protonmail.com>
If you want to export the FPF format findings via the `/api/v1/finding/project/{uuid}/export` API, the documentation says that you need the VULNERABILITY_ANALYSIS permission for the accompanying API key. After some debugging, i found out that the source requires VIEW_VULNERABILITY:
beda0ce2a5/src/main/java/org/dependencytrack/resources/v1/FindingResource.java (L111)
This is a fix to patch the documentation to state the correct permissions needed.
Signed-off-by: Tonimir Kisasondi <kisasondi@gmail.com>
