Skip to content

AWS Inspector 2 Line number bug + other changes#14616

Merged
Maffooch merged 6 commits intoDefectDojo:bugfixfrom
Jino-T:aws-inspector-fix
Apr 6, 2026
Merged

AWS Inspector 2 Line number bug + other changes#14616
Maffooch merged 6 commits intoDefectDojo:bugfixfrom
Jino-T:aws-inspector-fix

Conversation

@Jino-T
Copy link
Copy Markdown
Contributor

@Jino-T Jino-T commented Mar 31, 2026
edited
Loading

[sc-12948]

  • There was a bug with line number where if the scan didn't have the relevant value the import would crash because the default value was the string "N/A" instead of none.
  • Additionally the following fields were added for Package Vulnerability type findings:
    1. component_name
    2. component_version
    3. file_path
    4. references
    5. publish_date
    6. cvssv3_score

@valentijnscholten valentijnscholten added this to the 2.57.0 milestone Apr 1, 2026
Maffooch
Maffooch previously requested changes Apr 1, 2026
View reviewed changes
@Jino-T Jino-T requested a review from Maffooch April 1, 2026 20:59
@Jino-T Jino-T marked this pull request as ready for review April 3, 2026 15:32
@Jino-T Jino-T requested a review from mtesauro as a code owner April 3, 2026 15:32
@Jino-T Jino-T dismissed Maffooch’s stale review April 3, 2026 15:33

The requested changes were made

@Maffooch @claude
Add LocationData.dependency() support for package vulnerability findings
c5f62cc 
Populate unsaved_locations with dependency location data from
vulnerablePackages, gated behind V3_FEATURE_LOCATIONS. Also fix
process_endpoints to extend rather than overwrite unsaved_locations
so dependency locations are preserved.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Maffooch and others added 3 commits April 6, 2026 09:18
@Maffooch @claude
Remove validate_locations call from metadata test
f60078f 
The test fixture contains Lambda ARNs with "$LATEST" which produces
invalid hostnames for endpoint validation. Endpoint validation is
already covered by the other parser tests.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@Maffooch @claude
Gate LocationData test assertions behind V3_FEATURE_LOCATIONS
e5fde31 
Finding.unsaved_locations only exists when V3_FEATURE_LOCATIONS is
enabled, so the dependency location assertions must be conditional.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@Maffooch @claude
Fix import sorting for ruff linting
c8aaadf 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@Maffooch Maffooch merged commit 7a7a402 into DefectDojo:bugfix Apr 6, 2026
157 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@valentijnscholten valentijnscholten valentijnscholten approved these changes

@dogboat dogboat dogboat approved these changes

@rossops rossops rossops approved these changes

@Maffooch Maffooch Maffooch approved these changes

@mtesauro mtesauro Awaiting requested review from mtesauro mtesauro is a code owner

@paulOsinski paulOsinski Awaiting requested review from paulOsinski

Assignees

No one assigned

Labels

parser unittests

Projects

None yet

Milestone

2.57.0

Development

Successfully merging this pull request may close these issues.

5 participants

@Jino-T @valentijnscholten @dogboat @rossops @Maffooch