
Add Author info in gitleaks scan upload in DefectDojo

Open AnishaM7 opened this issue 10 months ago • 3 comments

:warning: Note on feature completeness :warning:

We are narrowing the scope of acceptable enhancements to DefectDojo. Learn more here: https://github.com/DefectDojo/django-DefectDojo/blob/master/readme-docs/CONTRIBUTING.md

Is your feature request related to a problem? Please describe

When we upload the gitleaks scan result to DefectDojo, the finding doesn't describe the author information.

  • We don't have info on the author who committed the secret; all other details are present in the description. [Image]

Describe the solution you'd like

Add info on author information, who has committed the secret.


AnishaM7, Mar 24 '25 06:03

[Image]

This is why author is commented out. If this feature could be implemented, this use case could be covered: https://github.com/DefectDojo/django-DefectDojo/issues/9250

manuel-sommer, Mar 24 '25 07:03

Thanks for the update, @manuel-sommer.

AnishaM7, Mar 24 '25 08:03

A question for @mtesauro and @Maffooch: as https://github.com/DefectDojo/django-DefectDojo/issues/9250 was closed, would you accept a PR for an API call regarding GDPR? This could be done as a boolean value enabling GDPR or not. This setting could also be used in other scanners like https://github.com/newrelic/rusty-hog. I would be open to submitting a PR.

manuel-sommer, Mar 28 '25 07:03