From a47099d2e521d9340c04f7fb4c9439c6c0ec57a5 Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Mon, 4 Aug 2025 22:19:35 +0200 Subject: [PATCH 01/21] :tada: Advance reimport to update fix_available field #12633 --- dojo/importers/default_reimporter.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/dojo/importers/default_reimporter.py b/dojo/importers/default_reimporter.py index 7adb2c65c48..d2da23d8948 100644 --- a/dojo/importers/default_reimporter.py +++ b/dojo/importers/default_reimporter.py @@ -588,6 +588,9 @@ def process_matched_active_finding( # First check that the existing finding is definitely not mitigated if not (existing_finding.mitigated and existing_finding.is_mitigated): logger.debug("Reimported item matches a finding that is currently open.") + if unsaved_finding.fix_available: + logger.debug("Reimported finding has a fix available now.") + existing_finding.fix_available = True if unsaved_finding.is_mitigated: logger.debug("Reimported mitigated item matches a finding that is currently open, closing.") # TODO: Implement a date comparison for opened defectdojo findings before closing them by reimporting, From dc640884dd8d53a26ef21fcb618ef5b3202c6e56 Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Mon, 4 Aug 2025 23:15:37 +0200 Subject: [PATCH 02/21] docs --- .../connecting_your_tools/import_scan_files/using_reimport.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/content/en/connecting_your_tools/import_scan_files/using_reimport.md b/docs/content/en/connecting_your_tools/import_scan_files/using_reimport.md index 8645d3ba184..ef6974915c2 100644 --- a/docs/content/en/connecting_your_tools/import_scan_files/using_reimport.md +++ b/docs/content/en/connecting_your_tools/import_scan_files/using_reimport.md 
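Review bot: Nothing visible here persists the new value: `existing_finding.fix_available = True` only changes the in-memory object, and no `save()` appears in the hunk. process_matched_active_finding continues outside the hunk, so the write may happen in a later branch, but the path for a finding that is otherwise unchanged is worth checking, since the docs patch in this series says such findings are shown as Left Untouched. The same question applies to the later hunks in this series that assign `fix_available` and `fix_version` in process_matched_mitigated_finding and process_matched_active_finding. I would add `# relies on the save() further down; confirm the unchanged path saves too` above the assignment and cover it with a reimport test that reloads the finding from the database.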
@@ -32,6 +32,10 @@ Any vulnerabilities which were not contained in the previous import will be adde If any incoming Findings match Findings that already exist, the incoming Findings will be discarded rather than recorded as Duplicates. These Findings have been recorded already \- no need to add a new Finding object. The Test page will show these Findings as **Left Untouched**. +### Field fix_available + +If any incoming Findings match Findings that already exist, the incoming Finding is checked if a fix is available `fix_available` and updated. These Findings have been recorded already \- no need to add a new Finding object. The Test page will show these Findings as **Left Untouched**. + ### Close Findings If there are any Findings that already exist in the Test but which are not present in the incoming report, you can choose to automatically set those Findings to Inactive and Mitigated (on the assumption that those vulnerabilities have been resolved since the previous import). The Test page will show these Findings as **Closed**. From 7c6cd77867858017932dd1259c54ddf4fe64645a Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Tue, 26 Aug 2025 06:41:58 +0200 Subject: [PATCH 03/21] update --- dojo/importers/default_reimporter.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/dojo/importers/default_reimporter.py b/dojo/importers/default_reimporter.py index d2da23d8948..26093288d53 100644 --- a/dojo/importers/default_reimporter.py +++ b/dojo/importers/default_reimporter.py @@ -479,6 +479,9 @@ def process_matched_mitigated_finding( to cover circumstances where mitigation timestamps are different, and decide which one to honor """ + if existing_finding.fix_available != unsaved_finding.fix_available: + existing_finding.fix_available = unsaved_finding.fix_available + # if the reimported item has a mitigation time, we can compare if unsaved_finding.is_mitigated: # The new finding is already mitigated, so nothing to change on the 
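Review bot: The comparison `existing_finding.fix_available != unsaved_finding.fix_available` at the top of process_matched_mitigated_finding also fires when the incoming value is `None`, so a report from a parser that never sets the field replaces a recorded `True` or `False` with unknown. The model context shown later in this series has `default=None` for the field, so findings from parsers that do not populate it presumably arrive as `None`. Guarding the copy keeps triage data from being dropped on reimport: `if unsaved_finding.fix_available is not None and existing_finding.fix_available != unsaved_finding.fix_available:`. The same applies to the matching hunk in process_matched_active_finding and to the `fix_version` assignments added in the later patches. The function body continues outside the hunk.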
@@ -588,9 +591,8 @@ def process_matched_active_finding( # First check that the existing finding is definitely not mitigated if not (existing_finding.mitigated and existing_finding.is_mitigated): logger.debug("Reimported item matches a finding that is currently open.") - if unsaved_finding.fix_available: - logger.debug("Reimported finding has a fix available now.") - existing_finding.fix_available = True + if existing_finding.fix_available != unsaved_finding.fix_available: + existing_finding.fix_available = unsaved_finding.fix_available if unsaved_finding.is_mitigated: logger.debug("Reimported mitigated item matches a finding that is currently open, closing.") # TODO: Implement a date comparison for opened defectdojo findings before closing them by reimporting, From f81a6c14fd9d8879ea01e8bd35942132ee156c80 Mon Sep 17 00:00:00 2001 From: manuelsommer <47991713+manuel-sommer@users.noreply.github.com> Date: Tue, 26 Aug 2025 06:43:55 +0200 Subject: [PATCH 04/21] Update using_reimport.md --- .../connecting_your_tools/import_scan_files/using_reimport.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/content/en/connecting_your_tools/import_scan_files/using_reimport.md b/docs/content/en/connecting_your_tools/import_scan_files/using_reimport.md index ef6974915c2..1e4d04d2e18 100644 --- a/docs/content/en/connecting_your_tools/import_scan_files/using_reimport.md +++ b/docs/content/en/connecting_your_tools/import_scan_files/using_reimport.md 
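Review bot: The rewrite in process_matched_active_finding drops the `logger.debug` line that the previous version emitted, so a change of `fix_available` during reimport now leaves no trace in the logs. Since this field feeds remediation decisions, I would keep a line such as `logger.debug("fix_available changed from %s to %s", existing_finding.fix_available, unsaved_finding.fix_available)` before the assignment. The enclosing function starts and ends outside the hunk.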
@@ -34,7 +34,7 @@ If any incoming Findings match Findings that already exist, the incoming Finding ### Field fix_available -If any incoming Findings match Findings that already exist, the incoming Finding is checked if a fix is available `fix_available` and updated. These Findings have been recorded already \- no need to add a new Finding object. The Test page will show these Findings as **Left Untouched**. +If any incoming Findings match Findings that already exist, the incoming Finding is checked if the field `fix_available` differs and is updated if yes. These Findings have been recorded already \- no need to add a new Finding object. The Test page will show these Findings as **Left Untouched**. ### Close Findings From 223ccce8711708e44119095e2e0f13670733faf3 Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Thu, 28 Aug 2025 11:43:46 +0200 Subject: [PATCH 05/21] implement a fixed version --- dojo/db_migrations/0242_finding_fix_version.py | 18 ++++++++++++++++++ dojo/importers/default_reimporter.py | 4 ++++ dojo/models.py | 5 +++++ dojo/templates/dojo/view_finding.html | 10 ++++++++++ dojo/tools/harbor_vulnerability/parser.py | 1 + 5 files changed, 38 insertions(+) create mode 100644 dojo/db_migrations/0242_finding_fix_version.py diff --git a/dojo/db_migrations/0242_finding_fix_version.py b/dojo/db_migrations/0242_finding_fix_version.py new file mode 100644 index 00000000000..dbd55a2817e --- /dev/null +++ b/dojo/db_migrations/0242_finding_fix_version.py @@ -0,0 +1,18 @@ +# Generated by Django 5.1.11 on 2025-08-28 09:16 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('dojo', '0241_remove_system_settings_time_zone'), + ] + + operations = [ + migrations.AddField( + model_name='finding', + name='fix_version', + field=models.CharField(blank=True, help_text='Version of the affected component where the flaw will be fixed.', max_length=100, null=True, verbose_name='Fix version'), + ), + ] 
diff --git a/dojo/importers/default_reimporter.py b/dojo/importers/default_reimporter.py index 26093288d53..2a3ce676482 100644 --- a/dojo/importers/default_reimporter.py +++ b/dojo/importers/default_reimporter.py @@ -481,6 +481,8 @@ def process_matched_mitigated_finding( """ if existing_finding.fix_available != unsaved_finding.fix_available: existing_finding.fix_available = unsaved_finding.fix_available + if existing_finding.fix_version != unsaved_finding.fix_version: + existing_finding.fix_version = unsaved_finding.fix_version # if the reimported item has a mitigation time, we can compare if unsaved_finding.is_mitigated: @@ -593,6 +595,8 @@ def process_matched_active_finding( logger.debug("Reimported item matches a finding that is currently open.") if existing_finding.fix_available != unsaved_finding.fix_available: existing_finding.fix_available = unsaved_finding.fix_available + if existing_finding.fix_version != unsaved_finding.fix_version: + existing_finding.fix_version = unsaved_finding.fix_version if unsaved_finding.is_mitigated: logger.debug("Reimported mitigated item matches a finding that is currently open, closing.") # TODO: Implement a date comparison for opened defectdojo findings before closing them by reimporting, diff --git a/dojo/models.py b/dojo/models.py index e3958d76172..fdc991cc7b2 100644 --- a/dojo/models.py +++ b/dojo/models.py @@ -2415,6 +2415,11 @@ class Finding(models.Model): default=None, verbose_name=_("Fix Available"), help_text=_("Denotes if there is a fix available for this flaw.")) + fix_version = models.CharField(null=True, + blank=True, + max_length=100, + verbose_name=_("Fix version"), + help_text=_("Version of the affected component where the flaw will be fixed.")) impact = models.TextField(verbose_name=_("Impact"), null=True, blank=True, diff --git a/dojo/templates/dojo/view_finding.html b/dojo/templates/dojo/view_finding.html index 9001cbcd9cb..db282a2fb37 100755 --- a/dojo/templates/dojo/view_finding.html 
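Review bot: The four-line sync of `fix_available` and `fix_version` is now copied verbatim into process_matched_mitigated_finding and process_matched_active_finding, which makes it easy for the two paths to drift apart. A small private helper on the reimporter that performs both assignments, called from both places as for example `self._sync_fix_fields(existing_finding, unsaved_finding)`, would keep them identical and give one spot for logging or a `None` guard. Both functions continue outside their hunks.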
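Review bot: `fix_version` is a `CharField` with `max_length=100` and `null=True`, yet its value comes straight from scanner reports (the harbor parser later in this patch passes `fix_version=fix_version` through as is). A report that lists several fixed versions or a long version string could exceed 100 characters and, depending on the database backend, fail the save during import; truncating or validating in the parser, or choosing a larger limit, avoids that. `null=True` on a string field also gives two empty states (`None` and `""`), so a comment such as `# None = not reported by the scanner` would document which one parsers should use. The `Finding` class continues outside the hunk.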
+++ b/dojo/templates/dojo/view_finding.html @@ -556,6 +556,9 @@

{% if finding.component_version %} Component Version {% endif %} + {% if finding.fix_version %} + Fixed Version + {% endif %} {% if finding.has_jira_configured or finding.jira_issue %} JIRA JIRA Change @@ -615,6 +618,13 @@
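Review bot: The new column header reads `Fixed Version`, while the model field added in this patch is labelled `Fix version` and the neighbouring column is `Component Version`. Using one label in both places, for example `Fix Version`, keeps the finding view consistent with the model's verbose name. The surrounding table markup is outside the hunk.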

{% endif %} + {% if finding.fix_version %} + + + {{ finding.fix_version }} + + + {% endif %} {% if finding.has_jira_configured or finding.has_jira_issue or finding.has_jira_group_issue %} {% if finding.has_jira_group_issue %} diff --git a/dojo/tools/harbor_vulnerability/parser.py b/dojo/tools/harbor_vulnerability/parser.py index 44cabf2d3cc..92e3e7973a1 100644 --- a/dojo/tools/harbor_vulnerability/parser.py +++ b/dojo/tools/harbor_vulnerability/parser.py @@ -86,6 +86,7 @@ def get_findings(self, filename, test): component_version=package_version, cwe=cwe, fix_available=fix_available, + fix_version=fix_version, ) if vulnerability_id: find.unsaved_vulnerability_ids = [vulnerability_id] From ba9cefd6e4f810438cfff655fbeba58ae3cc68a9 Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Thu, 28 Aug 2025 12:04:34 +0200 Subject: [PATCH 06/21] rebase fix --- ...{0242_finding_fix_version.py => 0243_finding_fix_version.py} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename dojo/db_migrations/{0242_finding_fix_version.py => 0243_finding_fix_version.py} (88%) diff --git a/dojo/db_migrations/0242_finding_fix_version.py b/dojo/db_migrations/0243_finding_fix_version.py similarity index 88% rename from dojo/db_migrations/0242_finding_fix_version.py rename to dojo/db_migrations/0243_finding_fix_version.py index dbd55a2817e..5c01f6d9658 100644 --- a/dojo/db_migrations/0242_finding_fix_version.py +++ b/dojo/db_migrations/0243_finding_fix_version.py @@ -6,7 +6,7 @@ class Migration(migrations.Migration): dependencies = [ - ('dojo', '0241_remove_system_settings_time_zone'), + ('dojo', '0242_file_upload_cleanup'), ] operations = [ From ba6e98359ea68c61c1865bb91cf20d79e92ec958 Mon Sep 17 00:00:00 2001 From: manuelsommer <47991713+manuel-sommer@users.noreply.github.com> Date: Thu, 28 Aug 2025 18:04:33 +0200 Subject: [PATCH 07/21] Update dojo/models.py Co-authored-by: valentijnscholten --- dojo/models.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/dojo/models.py b/dojo/models.py index fdc991cc7b2..dd468b8b048 100644 --- a/dojo/models.py +++ b/dojo/models.py @@ -2419,7 +2419,7 @@ class Finding(models.Model): blank=True, max_length=100, verbose_name=_("Fix version"), - help_text=_("Version of the affected component where the flaw will be fixed.")) + help_text=_("Version of the affected component in which the flaw is fixed.")) impact = models.TextField(verbose_name=_("Impact"), null=True, blank=True, From 54e8035c0057ccc48188a5d2b171e06241c3d791 Mon Sep 17 00:00:00 2001 From: manuelsommer <47991713+manuel-sommer@users.noreply.github.com> Date: Thu, 28 Aug 2025 18:05:47 +0200 Subject: [PATCH 08/21] Update default_reimporter.py --- dojo/importers/default_reimporter.py | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/dojo/importers/default_reimporter.py b/dojo/importers/default_reimporter.py index 2a3ce676482..2114c3d94f4 100644 --- a/dojo/importers/default_reimporter.py +++ b/dojo/importers/default_reimporter.py @@ -481,8 +481,7 @@ def process_matched_mitigated_finding( """ if existing_finding.fix_available != unsaved_finding.fix_available: existing_finding.fix_available = unsaved_finding.fix_available - if existing_finding.fix_version != unsaved_finding.fix_version: - existing_finding.fix_version = unsaved_finding.fix_version + existing_finding.fix_version = unsaved_finding.fix_version # if the reimported item has a mitigation time, we can compare if unsaved_finding.is_mitigated: 
@@ -595,8 +594,7 @@ def process_matched_active_finding( logger.debug("Reimported item matches a finding that is currently open.") if existing_finding.fix_available != unsaved_finding.fix_available: existing_finding.fix_available = unsaved_finding.fix_available - if existing_finding.fix_version != unsaved_finding.fix_version: - existing_finding.fix_version = unsaved_finding.fix_version + existing_finding.fix_version = unsaved_finding.fix_version if unsaved_finding.is_mitigated: logger.debug("Reimported mitigated item matches a finding that is currently open, closing.") # TODO: Implement a date comparison for opened defectdojo findings before closing them by reimporting, From 8a00dd663be8aadf5b8f03d648acb285846253b8 Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Thu, 28 Aug 2025 22:25:07 +0200 Subject: [PATCH 09/21] add unittests and grype --- dojo/tools/anchore_grype/parser.py | 3 + .../scans/anchore_grype/fix_available.json | 315 ++++++++++++++++++ .../anchore_grype/fix_not_available.json | 313 +++++++++++++++++ unittests/test_import_reimport.py | 23 ++ unittests/tools/test_anchore_grype_parser.py | 1 + 5 files changed, 655 insertions(+) create mode 100644 unittests/scans/anchore_grype/fix_available.json create mode 100644 unittests/scans/anchore_grype/fix_not_available.json diff --git a/dojo/tools/anchore_grype/parser.py b/dojo/tools/anchore_grype/parser.py index 2cf89b87f44..99866af435f 100644 --- a/dojo/tools/anchore_grype/parser.py +++ b/dojo/tools/anchore_grype/parser.py @@ -121,7 +121,9 @@ def get_findings(self, file, test): finding_description += f"\n**Package URL:** {artifact_purl}" finding_mitigation = None + fix_available = False if vuln_fix_versions: + fix_available = True finding_mitigation = "Upgrade to version:" if len(vuln_fix_versions) == 1: finding_mitigation += f" {vuln_fix_versions[0]}" 
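Review bot: The fix versions themselves are dropped in the anchore_grype parser: get_findings derives `fix_available` from `vuln_fix_versions` but never passes the versions on as `fix_version`, so grype findings will report a fix as available without saying which version, and on reimport the reimporter copies that empty `fix_version` onto the existing finding. Passing something like `fix_version=", ".join(vuln_fix_versions) if vuln_fix_versions else None` in the `Finding(...)` call of the later hunk would fill it, bearing in mind the 100-character limit on the model field. The flag itself can be written as `fix_available = bool(vuln_fix_versions)`. get_findings starts and ends outside the hunk, so `vuln_fix_versions` is assumed to be a list of strings, based on the `len(...)` and indexing visible here.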
@@ -200,6 +202,7 @@ def get_findings(self, file, test): dynamic_finding=False, nb_occurences=1, file_path=file_path, + fix_available=fix_available, ) dupes[dupe_key].unsaved_vulnerability_ids = vulnerability_ids diff --git a/unittests/scans/anchore_grype/fix_available.json b/unittests/scans/anchore_grype/fix_available.json new file mode 100644 index 00000000000..42aab80d74b --- /dev/null +++ b/unittests/scans/anchore_grype/fix_available.json 
@@ -0,0 +1,315 @@ +{ + "matches": [ + { + "vulnerability": { + "id": "CVE-2009-3882", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2009-3882", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html", + "http://java.sun.com/javase/6/webnotes/6u17.html", + "http://secunia.com/advisories/37386", + "http://security.gentoo.org/glsa/glsa-200911-02.xml", + "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084", + "https://bugzilla.redhat.com/show_bug.cgi?id=530175", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7300", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8841" + ], + "description": "Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to \"information leaks in mutable variables,\" aka Bug Id 6657026.", + "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "2.0", + "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "metrics": { + "baseScore": 7.5, + "exploitabilityScore": 10, + "impactScore": 6.4 + }, + "vendorMetadata": {} + } + ], + "fix": { + "versions": [ + "1.2.3" + ], + "state": "fixed" + }, + "advisories": [] + }, + "relatedVulnerabilities": [], + "matchDetails": [ + { + "type": "cpe-match", + "matcher": "stock-matcher", + "searchedBy": { + "namespace": "nvd:cpe", + "cpes": [ + "cpe:2.3:a:oracle:openjdk:17.0.10+7\u0000-J-ms8m:*:*:*:*:*:*:*" + ], + "Package": { + "name": "java", + "version": "17.0.10+7\u0000-J-ms8m" + } + }, + "found": { + "vulnerabilityID": "CVE-2009-3882", + "versionConstraint": "none (unknown)", + "cpes": [ + "cpe:2.3:a:sun:openjdk:*:*:*:*:*:*:*:*" + ] + } + } + ], + "artifact": { + "id": "9263533999d7e833", + "name": "java", + "version": "17.0.10+7\u0000-J-ms8m", + "type": "binary", + "locations": [ + { + "path": 
"/opt/java/openjdk/bin/java", + "layerID": "sha256:089f13e86d6447b9182a23ca4e357b13f067208db1b04ba14cac3edb51c2e6a8" + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:oracle:openjdk:17.0.10+7\u0000-J-ms8m:*:*:*:*:*:*:*" + ], + "purl": "pkg:generic/java@17.0.10%2B7\u0000-J-ms8m", + "upstreams": [] + } + } + ], + "source": { + "type": "image", + "target": { + "userInput": "REDACTED", + "imageID": "sha256:07a3eb7aaaaaaaaa69f29ff9a2945c9bb0a6592654421b8357c", + "manifestDigest": "sha256:4e1c538085614cbc0c9affbb206abbec3220118425409662e46b3d4bb71d1b6d", + "mediaType": "application/vnd.oci.image.manifest.v1+json", + "tags": [], + "imageSize": 514054352, + "layers": [ + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:5faf9c0a9efe4675ecd21a4ec417d51077d5e75da9e673161a94e7d6cd43f92c", + "size": 72802466 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:61bb835859af3b3418d9e5115ee0d0421d771af4b576354cb47e4911898411e6", + "size": 45773705 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:089f13e86d6447b9182a23ca4e357b13f067208db1b04ba14cac3edb51c2e6a8", + "size": 140722808 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:8a6992ae127d603d9816b4ac8d1b3b3f6b0bb29b1e64e38c86247805de797dcd", + "size": 0 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:31c91cb1196883a0861aa5f1d363e6e343070418704db46e47df1735eb95e473", + "size": 1182 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:2adb74596640882e72d1cfd59684d1d3053a4eaccc8cbd4ff769a6bc103736d9", + "size": 1780912 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:d3bd5e7d3a771e112ed5b0f61be054654d828c5198f6aee29dc57fb47f5ecede", + "size": 60515187 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": 
"sha256:ebe801fcbe62d62d5bee3994743f3d556ecea3c6fcac9e4eb9c4b157cfd5c05d", + "size": 1143874 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", + "size": 0 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:cdf08086dbb4ff8e9de7b5986a4fe720a91b3508932988a9931a44bc595c0451", + "size": 32 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:62cee45bfd8de3003a1745ba5cce836429b96fab015d6c8d347edb5fc2b8f538", + "size": 393832 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:7d93f74f90a566f90f6ce733e1f03e592770f0eb579ebb3339ac43732913dcf5", + "size": 368 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:b626fe3114d1abd6c629c5adeb769fe28112e0268242a1bc66497ec6c6fddfc0", + "size": 1734 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:ecdc721e0f0e4244958fd6ed4aa658f600f66cc49e8e258680bbb8f0781b1eae", + "size": 2102 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:c3f7d9738db6fe33aa41e359b35ccad67c52e9e1fe1d2aa8ae986a52c63abdbc", + "size": 28 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", + "size": 0 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:43054870c5ee79c9c489db42b054d832ed7ad38bb85d7d085ae6d9ed0fa22191", + "size": 31964241 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", + "size": 0 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:629931e16568b7012bc94fa971085301f8239812690ff2422fcbf2a22475eb57", + "size": 158934808 + }, + 
{ + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:9fdd7c20fc0792669cf8e16a770c40d99c0fa3bf74b51500270b762b1420047d", + "size": 17073 + } + ], + "manifest": "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", + "config": "{"architecture":"amd64","config":{"User":"cams","ExposedPorts":{"8080/tcp":{}},"Env":["PATH=/opt/java/openjdk/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin","JAVA_HOME=/opt/java/openjdk","LANG=en_US.UTF-8","LANGUAGE=en_US:en","LC_ALL=en_US.UTF-8","JAVA_VERSION=jdk-17.0.10+7","JAVA_OPTS=-XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80 -XX:+UseContainerSupport","SPRING_CONFIG_LOCATION=file:/etc/cams/","SPRING_PROFILES_ACTIVE=","CAMS_APPLICATION=application.jar","CAMS_APP_PORT=8080","VERSION=0.150.0","NAME=journal-report-services-app"],"Entrypoint":["/usr/local/bin/docker-entrypoint.sh"],"WorkingDir":"/opt/cams","Labels":{"architecture":"","bzcomponent":"journal-report-services-app","maintainer":"Technest IT \u003cit@technest.es\u003e","name":"journal-report-services-app","org.opencontainers.image.ref.name":"ubuntu","org.opencontainers.image.version":"20.04","release":"0.150.0","version":"0.150.0"}},"created":"2024-04-10T06:23:10.65220105Z","history":[{"created":"2024-02-16T21:32:49.66167695Z","created_by":"/bin/sh -c #(nop)  ARG RELEASE","empty_layer":true},{"created":"2024-02-16T21:32:49.694673293Z","created_by":"/bin/sh -c #(nop)  ARG LAUNCHPAD_BUILD_ARCH","empty_layer":true},{"created":"2024-02-16T21:32:49.719896531Z","created_by":"/bin/sh -c #(nop)  LABEL org.opencontainers.image.ref.name=ubuntu","empty_layer":true},{"created":"2024-02-16T21:32:49.758913757Z","created_by":"/bin/sh -c #(nop)  LABEL org.opencontainers.image.version=20.04","empty_layer":true},{"created":"2024-02-16T21:32:52.17640841Z","created_by":"/bin/sh -c #(nop) ADD file:a25798f31219000d6a82d2c9258743926b1a400530d12dbb1eadf2c2519f9888 in / "},{"created":"2024-02-16T21:32:52.391333754Z","created_by":"/bin/sh -c #(nop)  CMD 
[\"/bin/bash\"]","empty_layer":true},{"created":"2024-03-27T15:44:12Z","created_by":"ENV JAVA_HOME=/opt/java/openjdk","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-03-27T15:44:12Z","created_by":"ENV PATH=/opt/java/openjdk/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-03-27T15:44:12Z","created_by":"ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-03-27T15:44:12Z","created_by":"RUN /bin/sh -c set -eux;     apt-get update;     DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends         curl         wget         fontconfig         ca-certificates p11-kit         tzdata         locales     ;     echo \"en_US.UTF-8 UTF-8\" \u003e\u003e /etc/locale.gen;     locale-gen en_US.UTF-8;     rm -rf /var/lib/apt/lists/* # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-03-27T15:44:12Z","created_by":"ENV JAVA_VERSION=jdk-17.0.10+7","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-03-27T15:44:12Z","created_by":"RUN /bin/sh -c set -eux;     ARCH=\"$(dpkg --print-architecture)\";     case \"${ARCH}\" in        aarch64|arm64)          ESUM='16080d055da0962fbd6b40f659a98a457cba3efa7ea716d5400cfebe8b935bf0';          BINARY_URL='https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.10%2B7/OpenJDK17U-jre_aarch64_linux_hotspot_17.0.10_7.tar.gz';          ;;        amd64|i386:x86-64)          ESUM='620cc0e7338f2722f3ed076ac65c0fafb575981426bac4e1970860e5e2d048f0';          BINARY_URL='https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.10%2B7/OpenJDK17U-jre_x64_linux_hotspot_17.0.10_7.tar.gz';          ;;        armhf|arm)          ESUM='0378bdf6769632b182b27ba4e53b17eaefefdbafa3845c15e1bd88a5aeec8442';          
BINARY_URL='https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.10%2B7/OpenJDK17U-jre_arm_linux_hotspot_17.0.10_7.tar.gz';          ;;        ppc64el|powerpc:common64)          ESUM='4e18b60dba540b5c431ff03f74a1c73b22d83151f93b8768241d264d1a53582d';          BINARY_URL='https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.10%2B7/OpenJDK17U-jre_ppc64le_linux_hotspot_17.0.10_7.tar.gz';          ;;        s390x|s390:64-bit)          ESUM='c1b2fd232fc55e814479d7585d7ec45bae952a2f4137084f1d99f958c6880a49';          BINARY_URL='https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.10%2B7/OpenJDK17U-jre_s390x_linux_hotspot_17.0.10_7.tar.gz';          ;;        *)          echo \"Unsupported arch: ${ARCH}\";          exit 1;          ;;     esac;     wget --progress=dot:giga -O /tmp/openjdk.tar.gz ${BINARY_URL};     echo \"${ESUM} */tmp/openjdk.tar.gz\" | sha256sum -c -;     mkdir -p \"$JAVA_HOME\";     tar --extract         --file /tmp/openjdk.tar.gz         --directory \"$JAVA_HOME\"         --strip-components 1         --no-same-owner     ;     rm -f /tmp/openjdk.tar.gz ${JAVA_HOME}/lib/src.zip;     find \"$JAVA_HOME/lib\" -name '*.so' -exec dirname '{}' ';' | sort -u \u003e /etc/ld.so.conf.d/docker-openjdk.conf;     ldconfig;     java -Xshare:dump; # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-03-27T15:44:12Z","created_by":"RUN /bin/sh -c set -eux;     echo \"Verifying install ...\";     echo \"java --version\"; java --version;     echo \"Complete.\" # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-03-27T15:44:12Z","created_by":"COPY entrypoint.sh /__cacert_entrypoint.sh # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-03-27T15:44:12Z","created_by":"ENTRYPOINT [\"/__cacert_entrypoint.sh\"]","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-04-09T13:06:45.941690377Z","created_by":"RUN /bin/sh -c echo 'debconf debconf/frontend select 
Noninteractive' | debconf-set-selections # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:03.049462385Z","created_by":"RUN /bin/sh -c apt update \u0026\u0026     apt upgrade -y \u0026\u0026     apt install -y sudo procps net-tools      apt-utils wget curl ca-certificates jq # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:08.690409181Z","created_by":"RUN /bin/sh -c apt install -y libapr1 libaprutil1 \u0026\u0026     echo 'LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/apr/lib' \u003e\u003e /etc/profile.d/apache_tomcat_native_library.sh \u0026\u0026     echo 'export LD_LIBRARY_PATH' \u003e\u003e /etc/profile.d/apache_tomcat_native_library.sh # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:11.08612556Z","created_by":"RUN /bin/sh -c apt clean autoclean \u0026\u0026     apt autoremove -y \u0026\u0026     rm -rf /var/lib/{apt,dpkg,cache,log}/ # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:11.176966451Z","created_by":"RUN /bin/sh -c echo 'unset HISTORY' \u003e\u003e /etc/profile.d/disable_bash_history.sh \u0026\u0026     echo 'export HISTSIZE=0'  \u003e\u003e /etc/profile.d/disable_bash_history.sh # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:11.411795865Z","created_by":"RUN /bin/sh -c mkdir /opt/cams /etc/ssl/cams \u0026\u0026     groupadd -g 1200 cams \u0026\u0026     adduser --system --shell /sbin/nologin --home /opt/cams --gid 1200 --uid 1200 cams \u0026\u0026     chown cams:cams /opt/cams /etc/ssl/cams \u0026\u0026     echo 'source /etc/profile' \u003e\u003e /opt/cams/.bashrc # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:11.44252127Z","created_by":"ADD cams.sudoers /etc/sudoers.d/cams # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:11.484192015Z","created_by":"COPY --chown=cams:cams docker-entrypoint.sh /usr/local/bin # 
buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:11.595180252Z","created_by":"RUN /bin/sh -c chmod 755 /usr/local/bin/docker-entrypoint.sh \u0026\u0026     chmod 650 /etc/sudoers.d/cams # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:11.737489948Z","created_by":"RUN /bin/sh -c mkdir -p $JAVA_HOME/jre/lib/security/ \u0026\u0026     echo \"networkaddress.cache.ttl=60\" \u003e\u003e $JAVA_HOME/jre/lib/security/java.security # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:11.77302238Z","created_by":"USER cams","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-04-09T13:07:11.77302238Z","created_by":"WORKDIR /opt/cams","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:11.77302238Z","created_by":"ENV JAVA_OPTS=-XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80 -XX:+UseContainerSupport SPRING_CONFIG_LOCATION=file:/etc/cams/ SPRING_PROFILES_ACTIVE= CAMS_APPLICATION=application.jar CAMS_APP_PORT=8080","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-04-09T13:07:11.77302238Z","created_by":"ENTRYPOINT [\"/usr/local/bin/docker-entrypoint.sh\"]","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-04-10T06:23:09.384653618Z","created_by":"ENV VERSION=0.150.0 NAME=journal-report-services-app","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-04-10T06:23:09.384653618Z","created_by":"LABEL bzcomponent=journal-report-services-app name=journal-report-services-app version=0.150.0 release=0.150.0 architecture= maintainer=Technest IT \u003cit@technest.es\u003e","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-04-10T06:23:09.384653618Z","created_by":"USER root","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-04-10T06:23:09.384653618Z","created_by":"RUN /bin/sh -c apt update \u0026\u0026 apt install -y fontconfig fonts-freefont-ttf fonts-freefont-ttf 
fonts-dejavu-core fonts-dejavu-extra # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-10T06:23:09.384653618Z","created_by":"USER cams","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-04-10T06:23:09.419981708Z","created_by":"WORKDIR /opt/cams","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-10T06:23:10.603167009Z","created_by":"COPY --chown=cams:cams *.jar /opt/cams/application.jar # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-10T06:23:10.65220105Z","created_by":"COPY --chown=cams:cams config /etc/cams # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-10T06:23:10.65220105Z","created_by":"EXPOSE map[8080/tcp:{}]","comment":"buildkit.dockerfile.v0","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:5faf9c0a9efe4675ecd21a4ec417d51077d5e75da9e673161a94e7d6cd43f92c","sha256:61bb835859af3b3418d9e5115ee0d0421d771af4b576354cb47e4911898411e6","sha256:089f13e86d6447b9182a23ca4e357b13f067208db1b04ba14cac3edb51c2e6a8","sha256:8a6992ae127d603d9816b4ac8d1b3b3f6b0bb29b1e64e38c86247805de797dcd","sha256:31c91cb1196883a0861aa5f1d363e6e343070418704db46e47df1735eb95e473","sha256:2adb74596640882e72d1cfd59684d1d3053a4eaccc8cbd4ff769a6bc103736d9","sha256:d3bd5e7d3a771e112ed5b0f61be054654d828c5198f6aee29dc57fb47f5ecede","sha256:ebe801fcbe62d62d5bee3994743f3d556ecea3c6fcac9e4eb9c4b157cfd5c05d","sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef","sha256:cdf08086dbb4ff8e9de7b5986a4fe720a91b3508932988a9931a44bc595c0451","sha256:62cee45bfd8de3003a1745ba5cce836429b96fab015d6c8d347edb5fc2b8f538","sha256:7d93f74f90a566f90f6ce733e1f03e592770f0eb579ebb3339ac43732913dcf5","sha256:b626fe3114d1abd6c629c5adeb769fe28112e0268242a1bc66497ec6c6fddfc0","sha256:ecdc721e0f0e4244958fd6ed4aa658f600f66cc49e8e258680bbb8f0781b1eae","sha256:c3f7d9738db6fe33aa41e359b35ccad67c52e9e1fe1d2aa8ae986a52c63abdbc","sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef"
,"sha256:43054870c5ee79c9c489db42b054d832ed7ad38bb85d7d085ae6d9ed0fa22191","sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef","sha256:629931e16568b7012bc94fa971085301f8239812690ff2422fcbf2a22475eb57","sha256:9fdd7c20fc0792669cf8e16a770c40d99c0fa3bf74b51500270b762b1420047d"]}}", + "repoDigests": [ + "REDACTED" + ], + "architecture": "amd64", + "os": "linux", + "labels": { + "architecture": "", + "bzcomponent": "REDACTED", + "maintainer": "REDACTED", + "name": "REDACTED", + "org.opencontainers.image.ref.name": "ubuntu", + "org.opencontainers.image.version": "20.04", + "release": "0.150.0", + "version": "0.150.0" + } + } + }, + "distro": { + "name": "ubuntu", + "version": "20.04", + "idLike": [ + "debian" + ] + }, + "descriptor": { + "name": "grype", + "version": "0.75.0", + "configuration": { + "output": [ + "json" + ], + "file": "container-report-linux-amd64.json", + "distro": "", + "add-cpes-if-none": false, + "output-template-file": "", + "check-for-app-update": true, + "only-fixed": false, + "only-notfixed": false, + "ignore-wontfix": "", + "platform": "linux/amd64", + "search": { + "scope": "squashed", + "unindexed-archives": false, + "indexed-archives": true + }, + "ignore": null, + "exclude": [], + "db": { + "cache-dir": "/root/.cache/grype/db", + "update-url": "https://toolbox-data.anchore.io/grype/databases/listing.json", + "ca-cert": "", + "auto-update": true, + "validate-by-hash-on-start": false, + "validate-age": true, + "max-allowed-built-age": 432000000000000, + "update-available-timeout": 30000000000, + "update-download-timeout": 120000000000 + }, + "externalSources": { + "enable": false, + "maven": { + "searchUpstreamBySha1": true, + "baseUrl": "https://search.maven.org/solrsearch/select" + } + }, + "match": { + "java": { + "using-cpes": false + }, + "dotnet": { + "using-cpes": false + }, + "golang": { + "using-cpes": false, + "always-use-cpe-for-stdlib": true + }, + "javascript": { + "using-cpes": false + }, + "python": { + 
"using-cpes": false + }, + "ruby": { + "using-cpes": false + }, + "rust": { + "using-cpes": false + }, + "stock": { + "using-cpes": true + } + }, + "fail-on-severity": "", + "registry": { + "insecure-skip-tls-verify": false, + "insecure-use-http": false, + "auth": null, + "ca-cert": "" + }, + "show-suppressed": false, + "by-cve": false, + "name": "", + "default-image-pull-source": "", + "vex-documents": [], + "vex-add": [] + }, + "db": { + "built": "2024-04-10T01:25:07Z", + "schemaVersion": 5, + "location": "/root/.cache/grype/db/5", + "checksum": "sha256:bb6e98b144551912bc9f1fe7381ad2b83c8e1d07d0b3a4c341bfea182ae1269c", + "error": null + }, + "timestamp": "2024-04-10T11:05:22.636338786Z" + } +} diff --git a/unittests/scans/anchore_grype/fix_not_available.json b/unittests/scans/anchore_grype/fix_not_available.json new file mode 100644 index 00000000000..a32a61b4c55 --- /dev/null +++ b/unittests/scans/anchore_grype/fix_not_available.json 
@@ -0,0 +1,313 @@ +{ + "matches": [ + { + "vulnerability": { + "id": "CVE-2009-3882", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2009-3882", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html", + "http://java.sun.com/javase/6/webnotes/6u17.html", + "http://secunia.com/advisories/37386", + "http://security.gentoo.org/glsa/glsa-200911-02.xml", + "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084", + "https://bugzilla.redhat.com/show_bug.cgi?id=530175", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7300", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8841" + ], + "description": "Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to \"information leaks in mutable variables,\" aka Bug Id 6657026.", + "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "2.0", + "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "metrics": { + "baseScore": 7.5, + "exploitabilityScore": 10, + "impactScore": 6.4 + }, + "vendorMetadata": {} + } + ], + "fix": { + "versions": [], + "state": "unknown" + }, + "advisories": [] + }, + "relatedVulnerabilities": [], + "matchDetails": [ + { + "type": "cpe-match", + "matcher": "stock-matcher", + "searchedBy": { + "namespace": "nvd:cpe", + "cpes": [ + "cpe:2.3:a:oracle:openjdk:17.0.10+7\u0000-J-ms8m:*:*:*:*:*:*:*" + ], + "Package": { + "name": "java", + "version": "17.0.10+7\u0000-J-ms8m" + } + }, + "found": { + "vulnerabilityID": "CVE-2009-3882", + "versionConstraint": "none (unknown)", + "cpes": [ + "cpe:2.3:a:sun:openjdk:*:*:*:*:*:*:*:*" + ] + } + } + ], + "artifact": { + "id": "9263533999d7e833", + "name": "java", + "version": "17.0.10+7\u0000-J-ms8m", + "type": "binary", + "locations": [ + { + "path": 
"/opt/java/openjdk/bin/java", + "layerID": "sha256:089f13e86d6447b9182a23ca4e357b13f067208db1b04ba14cac3edb51c2e6a8" + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:oracle:openjdk:17.0.10+7\u0000-J-ms8m:*:*:*:*:*:*:*" + ], + "purl": "pkg:generic/java@17.0.10%2B7\u0000-J-ms8m", + "upstreams": [] + } + } + ], + "source": { + "type": "image", + "target": { + "userInput": "REDACTED", + "imageID": "sha256:07a3eb7aaaaaaaaa69f29ff9a2945c9bb0a6592654421b8357c", + "manifestDigest": "sha256:4e1c538085614cbc0c9affbb206abbec3220118425409662e46b3d4bb71d1b6d", + "mediaType": "application/vnd.oci.image.manifest.v1+json", + "tags": [], + "imageSize": 514054352, + "layers": [ + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:5faf9c0a9efe4675ecd21a4ec417d51077d5e75da9e673161a94e7d6cd43f92c", + "size": 72802466 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:61bb835859af3b3418d9e5115ee0d0421d771af4b576354cb47e4911898411e6", + "size": 45773705 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:089f13e86d6447b9182a23ca4e357b13f067208db1b04ba14cac3edb51c2e6a8", + "size": 140722808 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:8a6992ae127d603d9816b4ac8d1b3b3f6b0bb29b1e64e38c86247805de797dcd", + "size": 0 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:31c91cb1196883a0861aa5f1d363e6e343070418704db46e47df1735eb95e473", + "size": 1182 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:2adb74596640882e72d1cfd59684d1d3053a4eaccc8cbd4ff769a6bc103736d9", + "size": 1780912 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:d3bd5e7d3a771e112ed5b0f61be054654d828c5198f6aee29dc57fb47f5ecede", + "size": 60515187 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": 
"sha256:ebe801fcbe62d62d5bee3994743f3d556ecea3c6fcac9e4eb9c4b157cfd5c05d", + "size": 1143874 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", + "size": 0 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:cdf08086dbb4ff8e9de7b5986a4fe720a91b3508932988a9931a44bc595c0451", + "size": 32 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:62cee45bfd8de3003a1745ba5cce836429b96fab015d6c8d347edb5fc2b8f538", + "size": 393832 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:7d93f74f90a566f90f6ce733e1f03e592770f0eb579ebb3339ac43732913dcf5", + "size": 368 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:b626fe3114d1abd6c629c5adeb769fe28112e0268242a1bc66497ec6c6fddfc0", + "size": 1734 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:ecdc721e0f0e4244958fd6ed4aa658f600f66cc49e8e258680bbb8f0781b1eae", + "size": 2102 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:c3f7d9738db6fe33aa41e359b35ccad67c52e9e1fe1d2aa8ae986a52c63abdbc", + "size": 28 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", + "size": 0 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:43054870c5ee79c9c489db42b054d832ed7ad38bb85d7d085ae6d9ed0fa22191", + "size": 31964241 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", + "size": 0 + }, + { + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:629931e16568b7012bc94fa971085301f8239812690ff2422fcbf2a22475eb57", + "size": 158934808 + }, + 
{ + "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", + "digest": "sha256:9fdd7c20fc0792669cf8e16a770c40d99c0fa3bf74b51500270b762b1420047d", + "size": 17073 + } + ], + "manifest": "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", + "config": "{"architecture":"amd64","config":{"User":"cams","ExposedPorts":{"8080/tcp":{}},"Env":["PATH=/opt/java/openjdk/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin","JAVA_HOME=/opt/java/openjdk","LANG=en_US.UTF-8","LANGUAGE=en_US:en","LC_ALL=en_US.UTF-8","JAVA_VERSION=jdk-17.0.10+7","JAVA_OPTS=-XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80 -XX:+UseContainerSupport","SPRING_CONFIG_LOCATION=file:/etc/cams/","SPRING_PROFILES_ACTIVE=","CAMS_APPLICATION=application.jar","CAMS_APP_PORT=8080","VERSION=0.150.0","NAME=journal-report-services-app"],"Entrypoint":["/usr/local/bin/docker-entrypoint.sh"],"WorkingDir":"/opt/cams","Labels":{"architecture":"","bzcomponent":"journal-report-services-app","maintainer":"Technest IT \u003cit@technest.es\u003e","name":"journal-report-services-app","org.opencontainers.image.ref.name":"ubuntu","org.opencontainers.image.version":"20.04","release":"0.150.0","version":"0.150.0"}},"created":"2024-04-10T06:23:10.65220105Z","history":[{"created":"2024-02-16T21:32:49.66167695Z","created_by":"/bin/sh -c #(nop)  ARG RELEASE","empty_layer":true},{"created":"2024-02-16T21:32:49.694673293Z","created_by":"/bin/sh -c #(nop)  ARG LAUNCHPAD_BUILD_ARCH","empty_layer":true},{"created":"2024-02-16T21:32:49.719896531Z","created_by":"/bin/sh -c #(nop)  LABEL org.opencontainers.image.ref.name=ubuntu","empty_layer":true},{"created":"2024-02-16T21:32:49.758913757Z","created_by":"/bin/sh -c #(nop)  LABEL org.opencontainers.image.version=20.04","empty_layer":true},{"created":"2024-02-16T21:32:52.17640841Z","created_by":"/bin/sh -c #(nop) ADD file:a25798f31219000d6a82d2c9258743926b1a400530d12dbb1eadf2c2519f9888 in / "},{"created":"2024-02-16T21:32:52.391333754Z","created_by":"/bin/sh -c #(nop)  CMD 
[\"/bin/bash\"]","empty_layer":true},{"created":"2024-03-27T15:44:12Z","created_by":"ENV JAVA_HOME=/opt/java/openjdk","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-03-27T15:44:12Z","created_by":"ENV PATH=/opt/java/openjdk/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-03-27T15:44:12Z","created_by":"ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-03-27T15:44:12Z","created_by":"RUN /bin/sh -c set -eux;     apt-get update;     DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends         curl         wget         fontconfig         ca-certificates p11-kit         tzdata         locales     ;     echo \"en_US.UTF-8 UTF-8\" \u003e\u003e /etc/locale.gen;     locale-gen en_US.UTF-8;     rm -rf /var/lib/apt/lists/* # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-03-27T15:44:12Z","created_by":"ENV JAVA_VERSION=jdk-17.0.10+7","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-03-27T15:44:12Z","created_by":"RUN /bin/sh -c set -eux;     ARCH=\"$(dpkg --print-architecture)\";     case \"${ARCH}\" in        aarch64|arm64)          ESUM='16080d055da0962fbd6b40f659a98a457cba3efa7ea716d5400cfebe8b935bf0';          BINARY_URL='https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.10%2B7/OpenJDK17U-jre_aarch64_linux_hotspot_17.0.10_7.tar.gz';          ;;        amd64|i386:x86-64)          ESUM='620cc0e7338f2722f3ed076ac65c0fafb575981426bac4e1970860e5e2d048f0';          BINARY_URL='https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.10%2B7/OpenJDK17U-jre_x64_linux_hotspot_17.0.10_7.tar.gz';          ;;        armhf|arm)          ESUM='0378bdf6769632b182b27ba4e53b17eaefefdbafa3845c15e1bd88a5aeec8442';          
BINARY_URL='https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.10%2B7/OpenJDK17U-jre_arm_linux_hotspot_17.0.10_7.tar.gz';          ;;        ppc64el|powerpc:common64)          ESUM='4e18b60dba540b5c431ff03f74a1c73b22d83151f93b8768241d264d1a53582d';          BINARY_URL='https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.10%2B7/OpenJDK17U-jre_ppc64le_linux_hotspot_17.0.10_7.tar.gz';          ;;        s390x|s390:64-bit)          ESUM='c1b2fd232fc55e814479d7585d7ec45bae952a2f4137084f1d99f958c6880a49';          BINARY_URL='https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.10%2B7/OpenJDK17U-jre_s390x_linux_hotspot_17.0.10_7.tar.gz';          ;;        *)          echo \"Unsupported arch: ${ARCH}\";          exit 1;          ;;     esac;     wget --progress=dot:giga -O /tmp/openjdk.tar.gz ${BINARY_URL};     echo \"${ESUM} */tmp/openjdk.tar.gz\" | sha256sum -c -;     mkdir -p \"$JAVA_HOME\";     tar --extract         --file /tmp/openjdk.tar.gz         --directory \"$JAVA_HOME\"         --strip-components 1         --no-same-owner     ;     rm -f /tmp/openjdk.tar.gz ${JAVA_HOME}/lib/src.zip;     find \"$JAVA_HOME/lib\" -name '*.so' -exec dirname '{}' ';' | sort -u \u003e /etc/ld.so.conf.d/docker-openjdk.conf;     ldconfig;     java -Xshare:dump; # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-03-27T15:44:12Z","created_by":"RUN /bin/sh -c set -eux;     echo \"Verifying install ...\";     echo \"java --version\"; java --version;     echo \"Complete.\" # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-03-27T15:44:12Z","created_by":"COPY entrypoint.sh /__cacert_entrypoint.sh # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-03-27T15:44:12Z","created_by":"ENTRYPOINT [\"/__cacert_entrypoint.sh\"]","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-04-09T13:06:45.941690377Z","created_by":"RUN /bin/sh -c echo 'debconf debconf/frontend select 
Noninteractive' | debconf-set-selections # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:03.049462385Z","created_by":"RUN /bin/sh -c apt update \u0026\u0026     apt upgrade -y \u0026\u0026     apt install -y sudo procps net-tools      apt-utils wget curl ca-certificates jq # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:08.690409181Z","created_by":"RUN /bin/sh -c apt install -y libapr1 libaprutil1 \u0026\u0026     echo 'LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/apr/lib' \u003e\u003e /etc/profile.d/apache_tomcat_native_library.sh \u0026\u0026     echo 'export LD_LIBRARY_PATH' \u003e\u003e /etc/profile.d/apache_tomcat_native_library.sh # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:11.08612556Z","created_by":"RUN /bin/sh -c apt clean autoclean \u0026\u0026     apt autoremove -y \u0026\u0026     rm -rf /var/lib/{apt,dpkg,cache,log}/ # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:11.176966451Z","created_by":"RUN /bin/sh -c echo 'unset HISTORY' \u003e\u003e /etc/profile.d/disable_bash_history.sh \u0026\u0026     echo 'export HISTSIZE=0'  \u003e\u003e /etc/profile.d/disable_bash_history.sh # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:11.411795865Z","created_by":"RUN /bin/sh -c mkdir /opt/cams /etc/ssl/cams \u0026\u0026     groupadd -g 1200 cams \u0026\u0026     adduser --system --shell /sbin/nologin --home /opt/cams --gid 1200 --uid 1200 cams \u0026\u0026     chown cams:cams /opt/cams /etc/ssl/cams \u0026\u0026     echo 'source /etc/profile' \u003e\u003e /opt/cams/.bashrc # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:11.44252127Z","created_by":"ADD cams.sudoers /etc/sudoers.d/cams # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:11.484192015Z","created_by":"COPY --chown=cams:cams docker-entrypoint.sh /usr/local/bin # 
buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:11.595180252Z","created_by":"RUN /bin/sh -c chmod 755 /usr/local/bin/docker-entrypoint.sh \u0026\u0026     chmod 650 /etc/sudoers.d/cams # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:11.737489948Z","created_by":"RUN /bin/sh -c mkdir -p $JAVA_HOME/jre/lib/security/ \u0026\u0026     echo \"networkaddress.cache.ttl=60\" \u003e\u003e $JAVA_HOME/jre/lib/security/java.security # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:11.77302238Z","created_by":"USER cams","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-04-09T13:07:11.77302238Z","created_by":"WORKDIR /opt/cams","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-09T13:07:11.77302238Z","created_by":"ENV JAVA_OPTS=-XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80 -XX:+UseContainerSupport SPRING_CONFIG_LOCATION=file:/etc/cams/ SPRING_PROFILES_ACTIVE= CAMS_APPLICATION=application.jar CAMS_APP_PORT=8080","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-04-09T13:07:11.77302238Z","created_by":"ENTRYPOINT [\"/usr/local/bin/docker-entrypoint.sh\"]","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-04-10T06:23:09.384653618Z","created_by":"ENV VERSION=0.150.0 NAME=journal-report-services-app","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-04-10T06:23:09.384653618Z","created_by":"LABEL bzcomponent=journal-report-services-app name=journal-report-services-app version=0.150.0 release=0.150.0 architecture= maintainer=Technest IT \u003cit@technest.es\u003e","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-04-10T06:23:09.384653618Z","created_by":"USER root","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-04-10T06:23:09.384653618Z","created_by":"RUN /bin/sh -c apt update \u0026\u0026 apt install -y fontconfig fonts-freefont-ttf fonts-freefont-ttf 
fonts-dejavu-core fonts-dejavu-extra # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-10T06:23:09.384653618Z","created_by":"USER cams","comment":"buildkit.dockerfile.v0","empty_layer":true},{"created":"2024-04-10T06:23:09.419981708Z","created_by":"WORKDIR /opt/cams","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-10T06:23:10.603167009Z","created_by":"COPY --chown=cams:cams *.jar /opt/cams/application.jar # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-10T06:23:10.65220105Z","created_by":"COPY --chown=cams:cams config /etc/cams # buildkit","comment":"buildkit.dockerfile.v0"},{"created":"2024-04-10T06:23:10.65220105Z","created_by":"EXPOSE map[8080/tcp:{}]","comment":"buildkit.dockerfile.v0","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:5faf9c0a9efe4675ecd21a4ec417d51077d5e75da9e673161a94e7d6cd43f92c","sha256:61bb835859af3b3418d9e5115ee0d0421d771af4b576354cb47e4911898411e6","sha256:089f13e86d6447b9182a23ca4e357b13f067208db1b04ba14cac3edb51c2e6a8","sha256:8a6992ae127d603d9816b4ac8d1b3b3f6b0bb29b1e64e38c86247805de797dcd","sha256:31c91cb1196883a0861aa5f1d363e6e343070418704db46e47df1735eb95e473","sha256:2adb74596640882e72d1cfd59684d1d3053a4eaccc8cbd4ff769a6bc103736d9","sha256:d3bd5e7d3a771e112ed5b0f61be054654d828c5198f6aee29dc57fb47f5ecede","sha256:ebe801fcbe62d62d5bee3994743f3d556ecea3c6fcac9e4eb9c4b157cfd5c05d","sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef","sha256:cdf08086dbb4ff8e9de7b5986a4fe720a91b3508932988a9931a44bc595c0451","sha256:62cee45bfd8de3003a1745ba5cce836429b96fab015d6c8d347edb5fc2b8f538","sha256:7d93f74f90a566f90f6ce733e1f03e592770f0eb579ebb3339ac43732913dcf5","sha256:b626fe3114d1abd6c629c5adeb769fe28112e0268242a1bc66497ec6c6fddfc0","sha256:ecdc721e0f0e4244958fd6ed4aa658f600f66cc49e8e258680bbb8f0781b1eae","sha256:c3f7d9738db6fe33aa41e359b35ccad67c52e9e1fe1d2aa8ae986a52c63abdbc","sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef"
,"sha256:43054870c5ee79c9c489db42b054d832ed7ad38bb85d7d085ae6d9ed0fa22191","sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef","sha256:629931e16568b7012bc94fa971085301f8239812690ff2422fcbf2a22475eb57","sha256:9fdd7c20fc0792669cf8e16a770c40d99c0fa3bf74b51500270b762b1420047d"]}}", + "repoDigests": [ + "REDACTED" + ], + "architecture": "amd64", + "os": "linux", + "labels": { + "architecture": "", + "bzcomponent": "REDACTED", + "maintainer": "REDACTED", + "name": "REDACTED", + "org.opencontainers.image.ref.name": "ubuntu", + "org.opencontainers.image.version": "20.04", + "release": "0.150.0", + "version": "0.150.0" + } + } + }, + "distro": { + "name": "ubuntu", + "version": "20.04", + "idLike": [ + "debian" + ] + }, + "descriptor": { + "name": "grype", + "version": "0.75.0", + "configuration": { + "output": [ + "json" + ], + "file": "container-report-linux-amd64.json", + "distro": "", + "add-cpes-if-none": false, + "output-template-file": "", + "check-for-app-update": true, + "only-fixed": false, + "only-notfixed": false, + "ignore-wontfix": "", + "platform": "linux/amd64", + "search": { + "scope": "squashed", + "unindexed-archives": false, + "indexed-archives": true + }, + "ignore": null, + "exclude": [], + "db": { + "cache-dir": "/root/.cache/grype/db", + "update-url": "https://toolbox-data.anchore.io/grype/databases/listing.json", + "ca-cert": "", + "auto-update": true, + "validate-by-hash-on-start": false, + "validate-age": true, + "max-allowed-built-age": 432000000000000, + "update-available-timeout": 30000000000, + "update-download-timeout": 120000000000 + }, + "externalSources": { + "enable": false, + "maven": { + "searchUpstreamBySha1": true, + "baseUrl": "https://search.maven.org/solrsearch/select" + } + }, + "match": { + "java": { + "using-cpes": false + }, + "dotnet": { + "using-cpes": false + }, + "golang": { + "using-cpes": false, + "always-use-cpe-for-stdlib": true + }, + "javascript": { + "using-cpes": false + }, + "python": { + 
"using-cpes": false + }, + "ruby": { + "using-cpes": false + }, + "rust": { + "using-cpes": false + }, + "stock": { + "using-cpes": true + } + }, + "fail-on-severity": "", + "registry": { + "insecure-skip-tls-verify": false, + "insecure-use-http": false, + "auth": null, + "ca-cert": "" + }, + "show-suppressed": false, + "by-cve": false, + "name": "", + "default-image-pull-source": "", + "vex-documents": [], + "vex-add": [] + }, + "db": { + "built": "2024-04-10T01:25:07Z", + "schemaVersion": 5, + "location": "/root/.cache/grype/db/5", + "checksum": "sha256:bb6e98b144551912bc9f1fe7381ad2b83c8e1d07d0b3a4c341bfea182ae1269c", + "error": null + }, + "timestamp": "2024-04-10T11:05:22.636338786Z" + } +} diff --git a/unittests/test_import_reimport.py b/unittests/test_import_reimport.py index 98ce581626c..8ff4e7d549e 100644 --- a/unittests/test_import_reimport.py +++ b/unittests/test_import_reimport.py @@ -102,6 +102,8 @@ def __init__(self, *args, **kwargs): self.scan_type_gitlab_dast = "GitLab DAST Report" self.anchore_grype_file_name = get_unit_tests_scans_path("anchore_grype") / "check_all_fields.json" + self.anchore_grype_file_name_fix_not_available = get_unit_tests_scans_path("anchore_grype") / "fix_not_available.json" + self.anchore_grype_file_name_fix_available = get_unit_tests_scans_path("anchore_grype") / "fix_available.json" self.anchore_grype_scan_type = "Anchore Grype" self.checkmarx_one_open_and_false_positive = get_unit_tests_scans_path("checkmarx_one") / "one-open-one-false-positive.json" 
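Review bot: The embedded `config` string in `unittests/scans/anchore_grype/fix_not_available.json` still carries, in clear text, the values that the `labels` block of the same fixture replaces with `REDACTED`. The `maintainer` label with its contact address and the `bzcomponent` and `name` labels appear under `config.Labels` and again in the `history` `LABEL` step, and the component name also appears in the `NAME=` env entry. The `history` array also records the image's full build recipe (user and group ids, the sudoers file, the entrypoint paths). If the redaction of `labels`, `userInput` and `repoDigests` was deliberate, the same values should be scrubbed inside `config`, or `config` replaced with a short constructed stub. The tests visible in this series only assert on the single `matches` entry, so the image metadata is presumably not needed.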
@@ -1693,6 +1695,27 @@ def test_import_reimport_vulnerability_ids(self): self.assertEqual("GHSA-v6rh-hp5x-86rv", findings[3].vulnerability_ids[0]) self.assertEqual("CVE-2021-44420", findings[3].vulnerability_ids[1]) + def test_import_reimport_fix_available(self): + import0 = self.import_scan_with_params(self.anchore_grype_file_name_fix_not_available, scan_type=self.anchore_grype_scan_type) + test_id = import0["test"] + test = Test.objects.get(id=test_id) + findings = Finding.objects.filter(test=test) + self.assertEqual(1, len(findings)) + self.assertEqual(False, findings[0].fix_available) + test_type = Test_Type.objects.get(name=self.anchore_grype_scan_type) + reimport_test = Test( + engagement=test.engagement, + test_type=test_type, + scan_type=self.anchore_grype_scan_type, + target_start=datetime.now(timezone.get_current_timezone()), + target_end=datetime.now(timezone.get_current_timezone()), + ) + reimport_test.save() + self.reimport_scan_with_params(reimport_test.id, self.anchore_grype_file_name_fix_available, scan_type=self.anchore_grype_scan_type) + findings = Finding.objects.filter(test=reimport_test) + self.assertEqual(1, len(findings)) + self.assertEqual(True, findings[0].fix_available) + def test_import_history_reactivated_and_untouched_findings_do_not_mix(self): import0 = self.import_scan_with_params(self.generic_import_1, scan_type=self.scan_type_generic) test_id = import0["test"] diff --git a/unittests/tools/test_anchore_grype_parser.py b/unittests/tools/test_anchore_grype_parser.py index 362fb63a5f7..25f89b595bc 100644 --- a/unittests/tools/test_anchore_grype_parser.py +++ b/unittests/tools/test_anchore_grype_parser.py 
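Review bot: `test_import_reimport_fix_available` reimports into a freshly created `reimport_test` rather than into the Test returned by `import0`, so the finding it asserts on is newly created from the second report. As far as this hunk shows, it never goes through the matched-finding update this series adds to the reimporter, so the test would pass even if reimport left `fix_available` unchanged on an existing finding. Reimporting into the original test exercises the intended path, provided the two fixtures describe the same vulnerability and component so that they match: `self.reimport_scan_with_params(test_id, self.anchore_grype_file_name_fix_available, scan_type=self.anchore_grype_scan_type)` followed by `findings = Finding.objects.filter(test=test)`. The `fix_version` assertions added to this test in the later `@@ -1702,6 +1702,8 @@` and `@@ -1715,6 +1717,7 @@` hunks inherit the same gap.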
@@ -265,6 +265,7 @@ def test_grype_issue_9618(self): parser = AnchoreGrypeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(35, len(findings)) + self.assertEqual(findings[0].fix_available, True) def test_grype_issue_9942(self): with (get_unit_tests_scans_path("anchore_grype") / "issue_9942.json").open(encoding="utf-8") as testfile: From d56eabbe70f6c6c1c4a8e003f70af230a57f1b0e Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Thu, 28 Aug 2025 22:55:55 +0200 Subject: [PATCH 10/21] update --- dojo/tools/anchore_grype/parser.py | 4 ++++ unittests/tools/test_anchore_grype_parser.py | 15 +++++++++++++++ 2 files changed, 19 insertions(+) diff --git a/dojo/tools/anchore_grype/parser.py b/dojo/tools/anchore_grype/parser.py index 99866af435f..34b55b738a9 100644 --- a/dojo/tools/anchore_grype/parser.py +++ b/dojo/tools/anchore_grype/parser.py @@ -122,12 +122,15 @@ def get_findings(self, file, test): finding_mitigation = None fix_available = False + fix_version = None if vuln_fix_versions: fix_available = True finding_mitigation = "Upgrade to version:" if len(vuln_fix_versions) == 1: finding_mitigation += f" {vuln_fix_versions[0]}" + fix_version = vuln_fix_versions[0] else: + fix_version = ", ".join(vuln_fix_versions) for fix_version in vuln_fix_versions: finding_mitigation += f"\n- {fix_version}" @@ -203,6 +206,7 @@ def get_findings(self, file, test): nb_occurences=1, file_path=file_path, fix_available=fix_available, + fix_version=fix_version, ) dupes[dupe_key].unsaved_vulnerability_ids = vulnerability_ids diff --git a/unittests/tools/test_anchore_grype_parser.py b/unittests/tools/test_anchore_grype_parser.py index 25f89b595bc..44239da61f0 100644 --- a/unittests/tools/test_anchore_grype_parser.py +++ b/unittests/tools/test_anchore_grype_parser.py 
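Review bot: In the `else:` branch of the `@@ -122,12 +122,15 @@` hunk in `dojo/tools/anchore_grype/parser.py`, the value assigned by `fix_version = ", ".join(vuln_fix_versions)` is overwritten by the loop that follows, which reuses `fix_version` as its loop variable, so the finding ends up with only the last listed version. Renaming the loop variable keeps the joined string: `for version in vuln_fix_versions:` with `finding_mitigation += f"\n- {version}"`. The parser tests added in this series cover only the no-fix and single-version cases, so a fixture with two fix versions would be needed to catch this. The joined string also has no length bound, while the migration in this series declares `fix_version` with `max_length=100`, so truncating or validating before save is worth considering. `get_findings` starts and ends outside the hunk.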
@@ -265,7 +265,22 @@ def test_grype_issue_9618(self): parser = AnchoreGrypeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(35, len(findings)) + + def test_grype_fix_not_available(self): + with (get_unit_tests_scans_path("anchore_grype") / "fix_not_available.json").open(encoding="utf-8") as testfile: + parser = AnchoreGrypeParser() + findings = parser.get_findings(testfile, Test()) + self.assertEqual(1, len(findings)) + self.assertEqual(findings[0].fix_available, False) + self.assertEqual(findings[0].fix_version, None) + + def test_grype_fix_available(self): + with (get_unit_tests_scans_path("anchore_grype") / "fix_available.json").open(encoding="utf-8") as testfile: + parser = AnchoreGrypeParser() + findings = parser.get_findings(testfile, Test()) + self.assertEqual(1, len(findings)) self.assertEqual(findings[0].fix_available, True) + self.assertEqual(findings[0].fix_version, "1.2.3") def test_grype_issue_9942(self): with (get_unit_tests_scans_path("anchore_grype") / "issue_9942.json").open(encoding="utf-8") as testfile: From b0eb9d902dfa58fb008cd71e125f729a9041990e Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Thu, 28 Aug 2025 22:59:04 +0200 Subject: [PATCH 11/21] add unittests --- unittests/test_import_reimport.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/unittests/test_import_reimport.py b/unittests/test_import_reimport.py index 8ff4e7d549e..81aa1136dcf 100644 --- a/unittests/test_import_reimport.py +++ b/unittests/test_import_reimport.py @@ -1702,6 +1702,8 @@ def test_import_reimport_fix_available(self): findings = Finding.objects.filter(test=test) self.assertEqual(1, len(findings)) self.assertEqual(False, findings[0].fix_available) + self.assertEqual(None, findings[0].fix_version) + test_type = Test_Type.objects.get(name=self.anchore_grype_scan_type) reimport_test = Test( engagement=test.engagement, 
@@ -1715,6 +1717,7 @@ def test_import_reimport_fix_available(self): findings = Finding.objects.filter(test=reimport_test) self.assertEqual(1, len(findings)) self.assertEqual(True, findings[0].fix_available) + self.assertEqual("1.2.3", findings[0].fix_version) def test_import_history_reactivated_and_untouched_findings_do_not_mix(self): import0 = self.import_scan_with_params(self.generic_import_1, scan_type=self.scan_type_generic) From f7c2ed84f9b2cbed6e4a25605ddb448633eb76d9 Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Thu, 28 Aug 2025 23:01:46 +0200 Subject: [PATCH 12/21] ruff --- unittests/test_import_reimport.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/unittests/test_import_reimport.py b/unittests/test_import_reimport.py index 81aa1136dcf..4f1aa94638b 100644 --- a/unittests/test_import_reimport.py +++ b/unittests/test_import_reimport.py @@ -1703,7 +1703,7 @@ def test_import_reimport_fix_available(self): self.assertEqual(1, len(findings)) self.assertEqual(False, findings[0].fix_available) self.assertEqual(None, findings[0].fix_version) - + test_type = Test_Type.objects.get(name=self.anchore_grype_scan_type) reimport_test = Test( engagement=test.engagement, From 89e2fed77d5228861b50e9e1d848d83af53faabf Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Sat, 30 Aug 2025 20:58:23 +0200 Subject: [PATCH 13/21] update --- dojo/templates/dojo/view_finding.html | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/dojo/templates/dojo/view_finding.html b/dojo/templates/dojo/view_finding.html index db282a2fb37..5aa13e150bf 100755 --- a/dojo/templates/dojo/view_finding.html +++ b/dojo/templates/dojo/view_finding.html @@ -556,6 +556,9 @@

{% if finding.component_version %} Component Version {% endif %} + {% if finding.fix_available %} + Fix Available + {% endif %} {% if finding.fix_version %} Fixed Version {% endif %} @@ -618,6 +621,13 @@

{% endif %} + {% if finding.fix_available %} + + + {{ finding.fix_available }} + + + {% endif %} {% if finding.fix_version %} From 5c64fa0f7ccd0cb778213757638f543a9a4d8c3b Mon Sep 17 00:00:00 2001 From: valentijnscholten Date: Mon, 1 Sep 2025 09:00:24 +0200 Subject: [PATCH 14/21] sync migration --- dojo/db_migrations/0243_finding_fix_version.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dojo/db_migrations/0243_finding_fix_version.py b/dojo/db_migrations/0243_finding_fix_version.py index 5c01f6d9658..24672c99df6 100644 --- a/dojo/db_migrations/0243_finding_fix_version.py +++ b/dojo/db_migrations/0243_finding_fix_version.py @@ -13,6 +13,6 @@ class Migration(migrations.Migration): migrations.AddField( model_name='finding', name='fix_version', - field=models.CharField(blank=True, help_text='Version of the affected component where the flaw will be fixed.', max_length=100, null=True, verbose_name='Fix version'), + field=models.CharField(blank=True, help_text='Version of the affected component in which the flaw is fixed.', max_length=100, null=True, verbose_name='Fix version'), ), ] From a8bd413faf2caa5fef086031ed975b533fcc0c13 Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Sun, 5 Oct 2025 22:35:15 +0200 Subject: [PATCH 15/21] rebase --- ...{0243_finding_fix_version.py => 0245_finding_fix_version.py} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename dojo/db_migrations/{0243_finding_fix_version.py => 0245_finding_fix_version.py} (91%) diff --git a/dojo/db_migrations/0243_finding_fix_version.py b/dojo/db_migrations/0245_finding_fix_version.py similarity index 91% rename from dojo/db_migrations/0243_finding_fix_version.py rename to dojo/db_migrations/0245_finding_fix_version.py index 24672c99df6..53b363477cc 100644 --- a/dojo/db_migrations/0243_finding_fix_version.py +++ b/dojo/db_migrations/0245_finding_fix_version.py 
@@ -6,7 +6,7 @@ class Migration(migrations.Migration): dependencies = [ - ('dojo', '0242_file_upload_cleanup'), + ('dojo', '0244_pghistory_indices'), ] operations = [ From 95bf03a722a4bd7ae5d1977f043d1a6ff6f65a20 Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Sun, 5 Oct 2025 22:41:21 +0200 Subject: [PATCH 16/21] update according to comment --- .../connecting_your_tools/import_scan_files/using_reimport.md | 4 ++-- dojo/tools/harbor_vulnerability/parser.py | 1 - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/docs/content/en/connecting_your_tools/import_scan_files/using_reimport.md b/docs/content/en/connecting_your_tools/import_scan_files/using_reimport.md index 1e4d04d2e18..c702099f7bc 100644 --- a/docs/content/en/connecting_your_tools/import_scan_files/using_reimport.md +++ b/docs/content/en/connecting_your_tools/import_scan_files/using_reimport.md @@ -32,9 +32,9 @@ Any vulnerabilities which were not contained in the previous import will be adde If any incoming Findings match Findings that already exist, the incoming Findings will be discarded rather than recorded as Duplicates. These Findings have been recorded already \- no need to add a new Finding object. The Test page will show these Findings as **Left Untouched**. -### Field fix_available +### Fields fix_available and fix_version -If any incoming Findings match Findings that already exist, the incoming Finding is checked if the field `fix_available` differs and is updated if yes. These Findings have been recorded already \- no need to add a new Finding object. The Test page will show these Findings as **Left Untouched**. +If any incoming Findings match Findings that already exist, the incoming Finding is checked if the fields `fix_available` and `fix_version` differ and are updated if yes. These Findings have been recorded already \- no need to add a new Finding object. The Test page will show these Findings as **Left Untouched**. ### Close Findings 
diff --git a/dojo/tools/harbor_vulnerability/parser.py b/dojo/tools/harbor_vulnerability/parser.py index 92e3e7973a1..44cabf2d3cc 100644 --- a/dojo/tools/harbor_vulnerability/parser.py +++ b/dojo/tools/harbor_vulnerability/parser.py @@ -86,7 +86,6 @@ def get_findings(self, filename, test): component_version=package_version, cwe=cwe, fix_available=fix_available, - fix_version=fix_version, ) if vulnerability_id: find.unsaved_vulnerability_ids = [vulnerability_id] From 2dbbd39cf34fd4accf3b4584ba45341ae565a2a5 Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Fri, 31 Oct 2025 17:11:17 +0100 Subject: [PATCH 17/21] update according to rebase --- ...{0245_finding_fix_version.py => 0247_finding_fix_version.py} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename dojo/db_migrations/{0245_finding_fix_version.py => 0247_finding_fix_version.py} (87%) diff --git a/dojo/db_migrations/0245_finding_fix_version.py b/dojo/db_migrations/0247_finding_fix_version.py similarity index 87% rename from dojo/db_migrations/0245_finding_fix_version.py rename to dojo/db_migrations/0247_finding_fix_version.py index 53b363477cc..2c5cfcc2a7e 100644 --- a/dojo/db_migrations/0245_finding_fix_version.py +++ b/dojo/db_migrations/0247_finding_fix_version.py @@ -6,7 +6,7 @@ class Migration(migrations.Migration): dependencies = [ - ('dojo', '0244_pghistory_indices'), + ('dojo', '0246_endpoint_idx_ep_product_lower_host_and_more'), ] operations = [ From f75e0b745d68506496c499544ed51f1c695de7df Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Sat, 1 Nov 2025 13:56:11 +0100 Subject: [PATCH 18/21] update --- .../db_migrations/0247_finding_fix_version.py | 18 ------- ...7_remove_finding_insert_insert_and_more.py | 49 +++++++++++++++++++ 2 files changed, 49 insertions(+), 18 deletions(-) delete mode 100644 dojo/db_migrations/0247_finding_fix_version.py create mode 100644 dojo/db_migrations/0247_remove_finding_insert_insert_and_more.py 
diff --git a/dojo/db_migrations/0247_finding_fix_version.py b/dojo/db_migrations/0247_finding_fix_version.py deleted file mode 100644 index 2c5cfcc2a7e..00000000000 --- a/dojo/db_migrations/0247_finding_fix_version.py +++ /dev/null @@ -1,18 +0,0 @@ -# Generated by Django 5.1.11 on 2025-08-28 09:16 - -from django.db import migrations, models - - -class Migration(migrations.Migration): - - dependencies = [ - ('dojo', '0246_endpoint_idx_ep_product_lower_host_and_more'), - ] - - operations = [ - migrations.AddField( - model_name='finding', - name='fix_version', - field=models.CharField(blank=True, help_text='Version of the affected component in which the flaw is fixed.', max_length=100, null=True, verbose_name='Fix version'), - ), - ] diff --git a/dojo/db_migrations/0247_remove_finding_insert_insert_and_more.py b/dojo/db_migrations/0247_remove_finding_insert_insert_and_more.py new file mode 100644 index 00000000000..43bad6c2a7c --- /dev/null +++ b/dojo/db_migrations/0247_remove_finding_insert_insert_and_more.py 
@@ -0,0 +1,49 @@ +# Generated by Django 5.1.13 on 2025-11-01 12:54 + +import pgtrigger.compiler +import pgtrigger.migrations +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('dojo', '0246_endpoint_idx_ep_product_lower_host_and_more'), + ] + + operations = [ + pgtrigger.migrations.RemoveTrigger( + model_name='finding', + name='insert_insert', + ), + pgtrigger.migrations.RemoveTrigger( + model_name='finding', + name='update_update', + ), + pgtrigger.migrations.RemoveTrigger( + model_name='finding', + name='delete_delete', + ), + migrations.AddField( + model_name='finding', + name='fix_version', + field=models.CharField(blank=True, help_text='Version of the affected component in which the flaw is fixed.', max_length=100, null=True, verbose_name='Fix version'), + ), + migrations.AddField( + model_name='findingevent', + name='fix_version', + field=models.CharField(blank=True, help_text='Version of the affected component in which the flaw is fixed.', max_length=100, null=True, verbose_name='Fix version'), + ), + pgtrigger.migrations.AddTrigger( + model_name='finding', + trigger=pgtrigger.compiler.Trigger(name='insert_insert', sql=pgtrigger.compiler.UpsertTriggerSql(func='INSERT INTO "dojo_findingevent" ("active", "component_name", "component_version", "created", "cve", "cvssv3", "cvssv3_score", "cvssv4", "cvssv4_score", "cwe", "date", "defect_review_requested_by_id", "description", "duplicate", "duplicate_finding_id", "dynamic_finding", "effort_for_fixing", "epss_percentile", "epss_score", "false_p", "file_path", "fix_available", "fix_version", "hash_code", "id", "impact", "is_mitigated", "kev_date", "known_exploited", "last_reviewed", "last_reviewed_by_id", "last_status_update", "line", "mitigated", "mitigated_by_id", "mitigation", "nb_occurences", "numerical_severity", "out_of_scope", "param", "payload", "pgh_context_id", "pgh_created_at", "pgh_label", "pgh_obj_id", "planned_remediation_date", 
"planned_remediation_version", "publish_date", "ransomware_used", "refs", "reporter_id", "review_requested_by_id", "risk_accepted", "sast_sink_object", "sast_source_file_path", "sast_source_line", "sast_source_object", "scanner_confidence", "service", "severity", "severity_justification", "sla_expiration_date", "sla_start_date", "sonarqube_issue_id", "static_finding", "steps_to_reproduce", "test_id", "thread_id", "title", "under_defect_review", "under_review", "unique_id_from_tool", "url", "verified", "vuln_id_from_tool") VALUES (NEW."active", NEW."component_name", NEW."component_version", NEW."created", NEW."cve", NEW."cvssv3", NEW."cvssv3_score", NEW."cvssv4", NEW."cvssv4_score", NEW."cwe", NEW."date", NEW."defect_review_requested_by_id", NEW."description", NEW."duplicate", NEW."duplicate_finding_id", NEW."dynamic_finding", NEW."effort_for_fixing", NEW."epss_percentile", NEW."epss_score", NEW."false_p", NEW."file_path", NEW."fix_available", NEW."fix_version", NEW."hash_code", NEW."id", NEW."impact", NEW."is_mitigated", NEW."kev_date", NEW."known_exploited", NEW."last_reviewed", NEW."last_reviewed_by_id", NEW."last_status_update", NEW."line", NEW."mitigated", NEW."mitigated_by_id", NEW."mitigation", NEW."nb_occurences", NEW."numerical_severity", NEW."out_of_scope", NEW."param", NEW."payload", _pgh_attach_context(), NOW(), \'insert\', NEW."id", NEW."planned_remediation_date", NEW."planned_remediation_version", NEW."publish_date", NEW."ransomware_used", NEW."refs", NEW."reporter_id", NEW."review_requested_by_id", NEW."risk_accepted", NEW."sast_sink_object", NEW."sast_source_file_path", NEW."sast_source_line", NEW."sast_source_object", NEW."scanner_confidence", NEW."service", NEW."severity", NEW."severity_justification", NEW."sla_expiration_date", NEW."sla_start_date", NEW."sonarqube_issue_id", NEW."static_finding", NEW."steps_to_reproduce", NEW."test_id", NEW."thread_id", NEW."title", NEW."under_defect_review", NEW."under_review", NEW."unique_id_from_tool", 
NEW."url", NEW."verified", NEW."vuln_id_from_tool"); RETURN NULL;', hash='7420e87ec2d068d96796af35888c418c547b768a', operation='INSERT', pgid='pgtrigger_insert_insert_2fbbb', table='dojo_finding', when='AFTER')), + ), + pgtrigger.migrations.AddTrigger( + model_name='finding', + trigger=pgtrigger.compiler.Trigger(name='update_update', sql=pgtrigger.compiler.UpsertTriggerSql(condition='WHEN (OLD."active" IS DISTINCT FROM (NEW."active") OR OLD."component_name" IS DISTINCT FROM (NEW."component_name") OR OLD."component_version" IS DISTINCT FROM (NEW."component_version") OR OLD."cve" IS DISTINCT FROM (NEW."cve") OR OLD."cvssv3" IS DISTINCT FROM (NEW."cvssv3") OR OLD."cvssv3_score" IS DISTINCT FROM (NEW."cvssv3_score") OR OLD."cvssv4" IS DISTINCT FROM (NEW."cvssv4") OR OLD."cvssv4_score" IS DISTINCT FROM (NEW."cvssv4_score") OR OLD."cwe" IS DISTINCT FROM (NEW."cwe") OR OLD."date" IS DISTINCT FROM (NEW."date") OR OLD."defect_review_requested_by_id" IS DISTINCT FROM (NEW."defect_review_requested_by_id") OR OLD."description" IS DISTINCT FROM (NEW."description") OR OLD."duplicate" IS DISTINCT FROM (NEW."duplicate") OR OLD."duplicate_finding_id" IS DISTINCT FROM (NEW."duplicate_finding_id") OR OLD."dynamic_finding" IS DISTINCT FROM (NEW."dynamic_finding") OR OLD."effort_for_fixing" IS DISTINCT FROM (NEW."effort_for_fixing") OR OLD."epss_percentile" IS DISTINCT FROM (NEW."epss_percentile") OR OLD."epss_score" IS DISTINCT FROM (NEW."epss_score") OR OLD."false_p" IS DISTINCT FROM (NEW."false_p") OR OLD."file_path" IS DISTINCT FROM (NEW."file_path") OR OLD."fix_available" IS DISTINCT FROM (NEW."fix_available") OR OLD."fix_version" IS DISTINCT FROM (NEW."fix_version") OR OLD."hash_code" IS DISTINCT FROM (NEW."hash_code") OR OLD."id" IS DISTINCT FROM (NEW."id") OR OLD."impact" IS DISTINCT FROM (NEW."impact") OR OLD."is_mitigated" IS DISTINCT FROM (NEW."is_mitigated") OR OLD."kev_date" IS DISTINCT FROM (NEW."kev_date") OR OLD."known_exploited" IS DISTINCT FROM (NEW."known_exploited") 
OR OLD."last_reviewed" IS DISTINCT FROM (NEW."last_reviewed") OR OLD."last_reviewed_by_id" IS DISTINCT FROM (NEW."last_reviewed_by_id") OR OLD."line" IS DISTINCT FROM (NEW."line") OR OLD."mitigated" IS DISTINCT FROM (NEW."mitigated") OR OLD."mitigated_by_id" IS DISTINCT FROM (NEW."mitigated_by_id") OR OLD."mitigation" IS DISTINCT FROM (NEW."mitigation") OR OLD."nb_occurences" IS DISTINCT FROM (NEW."nb_occurences") OR OLD."numerical_severity" IS DISTINCT FROM (NEW."numerical_severity") OR OLD."out_of_scope" IS DISTINCT FROM (NEW."out_of_scope") OR OLD."param" IS DISTINCT FROM (NEW."param") OR OLD."payload" IS DISTINCT FROM (NEW."payload") OR OLD."planned_remediation_date" IS DISTINCT FROM (NEW."planned_remediation_date") OR OLD."planned_remediation_version" IS DISTINCT FROM (NEW."planned_remediation_version") OR OLD."publish_date" IS DISTINCT FROM (NEW."publish_date") OR OLD."ransomware_used" IS DISTINCT FROM (NEW."ransomware_used") OR OLD."refs" IS DISTINCT FROM (NEW."refs") OR OLD."reporter_id" IS DISTINCT FROM (NEW."reporter_id") OR OLD."review_requested_by_id" IS DISTINCT FROM (NEW."review_requested_by_id") OR OLD."risk_accepted" IS DISTINCT FROM (NEW."risk_accepted") OR OLD."sast_sink_object" IS DISTINCT FROM (NEW."sast_sink_object") OR OLD."sast_source_file_path" IS DISTINCT FROM (NEW."sast_source_file_path") OR OLD."sast_source_line" IS DISTINCT FROM (NEW."sast_source_line") OR OLD."sast_source_object" IS DISTINCT FROM (NEW."sast_source_object") OR OLD."scanner_confidence" IS DISTINCT FROM (NEW."scanner_confidence") OR OLD."service" IS DISTINCT FROM (NEW."service") OR OLD."severity" IS DISTINCT FROM (NEW."severity") OR OLD."severity_justification" IS DISTINCT FROM (NEW."severity_justification") OR OLD."sla_expiration_date" IS DISTINCT FROM (NEW."sla_expiration_date") OR OLD."sla_start_date" IS DISTINCT FROM (NEW."sla_start_date") OR OLD."sonarqube_issue_id" IS DISTINCT FROM (NEW."sonarqube_issue_id") OR OLD."static_finding" IS DISTINCT FROM 
(NEW."static_finding") OR OLD."steps_to_reproduce" IS DISTINCT FROM (NEW."steps_to_reproduce") OR OLD."test_id" IS DISTINCT FROM (NEW."test_id") OR OLD."thread_id" IS DISTINCT FROM (NEW."thread_id") OR OLD."title" IS DISTINCT FROM (NEW."title") OR OLD."under_defect_review" IS DISTINCT FROM (NEW."under_defect_review") OR OLD."under_review" IS DISTINCT FROM (NEW."under_review") OR OLD."unique_id_from_tool" IS DISTINCT FROM (NEW."unique_id_from_tool") OR OLD."url" IS DISTINCT FROM (NEW."url") OR OLD."verified" IS DISTINCT FROM (NEW."verified") OR OLD."vuln_id_from_tool" IS DISTINCT FROM (NEW."vuln_id_from_tool"))', func='INSERT INTO "dojo_findingevent" ("active", "component_name", "component_version", "created", "cve", "cvssv3", "cvssv3_score", "cvssv4", "cvssv4_score", "cwe", "date", "defect_review_requested_by_id", "description", "duplicate", "duplicate_finding_id", "dynamic_finding", "effort_for_fixing", "epss_percentile", "epss_score", "false_p", "file_path", "fix_available", "fix_version", "hash_code", "id", "impact", "is_mitigated", "kev_date", "known_exploited", "last_reviewed", "last_reviewed_by_id", "last_status_update", "line", "mitigated", "mitigated_by_id", "mitigation", "nb_occurences", "numerical_severity", "out_of_scope", "param", "payload", "pgh_context_id", "pgh_created_at", "pgh_label", "pgh_obj_id", "planned_remediation_date", "planned_remediation_version", "publish_date", "ransomware_used", "refs", "reporter_id", "review_requested_by_id", "risk_accepted", "sast_sink_object", "sast_source_file_path", "sast_source_line", "sast_source_object", "scanner_confidence", "service", "severity", "severity_justification", "sla_expiration_date", "sla_start_date", "sonarqube_issue_id", "static_finding", "steps_to_reproduce", "test_id", "thread_id", "title", "under_defect_review", "under_review", "unique_id_from_tool", "url", "verified", "vuln_id_from_tool") VALUES (NEW."active", NEW."component_name", NEW."component_version", NEW."created", NEW."cve", 
NEW."cvssv3", NEW."cvssv3_score", NEW."cvssv4", NEW."cvssv4_score", NEW."cwe", NEW."date", NEW."defect_review_requested_by_id", NEW."description", NEW."duplicate", NEW."duplicate_finding_id", NEW."dynamic_finding", NEW."effort_for_fixing", NEW."epss_percentile", NEW."epss_score", NEW."false_p", NEW."file_path", NEW."fix_available", NEW."fix_version", NEW."hash_code", NEW."id", NEW."impact", NEW."is_mitigated", NEW."kev_date", NEW."known_exploited", NEW."last_reviewed", NEW."last_reviewed_by_id", NEW."last_status_update", NEW."line", NEW."mitigated", NEW."mitigated_by_id", NEW."mitigation", NEW."nb_occurences", NEW."numerical_severity", NEW."out_of_scope", NEW."param", NEW."payload", _pgh_attach_context(), NOW(), \'update\', NEW."id", NEW."planned_remediation_date", NEW."planned_remediation_version", NEW."publish_date", NEW."ransomware_used", NEW."refs", NEW."reporter_id", NEW."review_requested_by_id", NEW."risk_accepted", NEW."sast_sink_object", NEW."sast_source_file_path", NEW."sast_source_line", NEW."sast_source_object", NEW."scanner_confidence", NEW."service", NEW."severity", NEW."severity_justification", NEW."sla_expiration_date", NEW."sla_start_date", NEW."sonarqube_issue_id", NEW."static_finding", NEW."steps_to_reproduce", NEW."test_id", NEW."thread_id", NEW."title", NEW."under_defect_review", NEW."under_review", NEW."unique_id_from_tool", NEW."url", NEW."verified", NEW."vuln_id_from_tool"); RETURN NULL;', hash='d7e612a41414689328bb28abab60a073aa989fad', operation='UPDATE', pgid='pgtrigger_update_update_92175', table='dojo_finding', when='AFTER')), + ), + pgtrigger.migrations.AddTrigger( + model_name='finding', + trigger=pgtrigger.compiler.Trigger(name='delete_delete', sql=pgtrigger.compiler.UpsertTriggerSql(func='INSERT INTO "dojo_findingevent" ("active", "component_name", "component_version", "created", "cve", "cvssv3", "cvssv3_score", "cvssv4", "cvssv4_score", "cwe", "date", "defect_review_requested_by_id", "description", "duplicate", 
"duplicate_finding_id", "dynamic_finding", "effort_for_fixing", "epss_percentile", "epss_score", "false_p", "file_path", "fix_available", "fix_version", "hash_code", "id", "impact", "is_mitigated", "kev_date", "known_exploited", "last_reviewed", "last_reviewed_by_id", "last_status_update", "line", "mitigated", "mitigated_by_id", "mitigation", "nb_occurences", "numerical_severity", "out_of_scope", "param", "payload", "pgh_context_id", "pgh_created_at", "pgh_label", "pgh_obj_id", "planned_remediation_date", "planned_remediation_version", "publish_date", "ransomware_used", "refs", "reporter_id", "review_requested_by_id", "risk_accepted", "sast_sink_object", "sast_source_file_path", "sast_source_line", "sast_source_object", "scanner_confidence", "service", "severity", "severity_justification", "sla_expiration_date", "sla_start_date", "sonarqube_issue_id", "static_finding", "steps_to_reproduce", "test_id", "thread_id", "title", "under_defect_review", "under_review", "unique_id_from_tool", "url", "verified", "vuln_id_from_tool") VALUES (OLD."active", OLD."component_name", OLD."component_version", OLD."created", OLD."cve", OLD."cvssv3", OLD."cvssv3_score", OLD."cvssv4", OLD."cvssv4_score", OLD."cwe", OLD."date", OLD."defect_review_requested_by_id", OLD."description", OLD."duplicate", OLD."duplicate_finding_id", OLD."dynamic_finding", OLD."effort_for_fixing", OLD."epss_percentile", OLD."epss_score", OLD."false_p", OLD."file_path", OLD."fix_available", OLD."fix_version", OLD."hash_code", OLD."id", OLD."impact", OLD."is_mitigated", OLD."kev_date", OLD."known_exploited", OLD."last_reviewed", OLD."last_reviewed_by_id", OLD."last_status_update", OLD."line", OLD."mitigated", OLD."mitigated_by_id", OLD."mitigation", OLD."nb_occurences", OLD."numerical_severity", OLD."out_of_scope", OLD."param", OLD."payload", _pgh_attach_context(), NOW(), \'delete\', OLD."id", OLD."planned_remediation_date", OLD."planned_remediation_version", OLD."publish_date", OLD."ransomware_used", OLD."refs", 
OLD."reporter_id", OLD."review_requested_by_id", OLD."risk_accepted", OLD."sast_sink_object", OLD."sast_source_file_path", OLD."sast_source_line", OLD."sast_source_object", OLD."scanner_confidence", OLD."service", OLD."severity", OLD."severity_justification", OLD."sla_expiration_date", OLD."sla_start_date", OLD."sonarqube_issue_id", OLD."static_finding", OLD."steps_to_reproduce", OLD."test_id", OLD."thread_id", OLD."title", OLD."under_defect_review", OLD."under_review", OLD."unique_id_from_tool", OLD."url", OLD."verified", OLD."vuln_id_from_tool"); RETURN NULL;', hash='b78d66e2d4e1cb791b58b944a8b9204f13fe1552', operation='DELETE', pgid='pgtrigger_delete_delete_72933', table='dojo_finding', when='AFTER')), + ), + ] From 2d25f3d5352e1fb0997b929d685e46620e60b409 Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Sat, 1 Nov 2025 18:22:39 +0100 Subject: [PATCH 19/21] update --- docs/content/en/open_source/upgrading/2.52.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/content/en/open_source/upgrading/2.52.md b/docs/content/en/open_source/upgrading/2.52.md index 20eef3fb214..56004ed808f 100644 --- a/docs/content/en/open_source/upgrading/2.52.md +++ b/docs/content/en/open_source/upgrading/2.52.md @@ -92,5 +92,8 @@ There are other instructions for upgrading to 2.52.x. Check the [Release Notes]( Mobsfscan Scan" has been merged into the "MobSF Scan" parser. The "Mobsfscan Scan" scan_type has been retained to keep deduplication working for existing Tests, but users are encouraged to move to the "MobSF Scan" scan_type. +## Reimport updates fields fix_available and fix_version +If any incoming Findings match Findings that already exist, the incoming Finding is checked if the fields `fix_available` and `fix_version` differ and are updated if yes. + ## Release notes Check the [Release Notes](https://github.com/DefectDojo/django-DefectDojo/releases/tag/2.52.0) for the contents of the release. From 8950a4c754bba125672bcb731177160f1cf93879 Mon Sep 17 00:00:00 2001 
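Review bot: Nothing in the new `0247_remove_finding_insert_insert_and_more.py` says why the three `finding` triggers are removed and re-added, and the auto-generated file name no longer mentions `fix_version`, although the migration it replaces was `0247_finding_fix_version.py`. The rebuilt SQL names `"fix_version"` in the column list, in the `VALUES` list and in the update trigger's `WHEN` condition, and `findingevent` gains the column in the same operations list, so the rebuild is presumably there to make the history table record the new field. A one-line comment above `operations`, for example `# Rebuild the pghistory triggers so dojo_findingevent also records Finding.fix_version.`, and a descriptive file name would make that clear to whoever audits the change history later. It is also worth stating in that comment that the `AddField` on `findingevent` must stay ahead of the `AddTrigger` operations, since the trigger functions insert into that column.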
From: manuelsommer <47991713+manuel-sommer@users.noreply.github.com> Date: Sun, 2 Nov 2025 00:44:30 +0100 Subject: [PATCH 20/21] Clarify reimport behavior for findings update Reimport will update existing findings 'fix_available' and 'fix_version' fields based on the incoming scan report. --- docs/content/en/open_source/upgrading/2.52.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/content/en/open_source/upgrading/2.52.md b/docs/content/en/open_source/upgrading/2.52.md index 56004ed808f..677aa33e614 100644 --- a/docs/content/en/open_source/upgrading/2.52.md +++ b/docs/content/en/open_source/upgrading/2.52.md @@ -93,7 +93,7 @@ There are other instructions for upgrading to 2.52.x. Check the [Release Notes]( Mobsfscan Scan" has been merged into the "MobSF Scan" parser. The "Mobsfscan Scan" scan_type has been retained to keep deduplication working for existing Tests, but users are encouraged to move to the "MobSF Scan" scan_type. ## Reimport updates fields fix_available and fix_version -If any incoming Findings match Findings that already exist, the incoming Finding is checked if the fields `fix_available` and `fix_version` differ and are updated if yes. +Reimport will update existing findings `fix_available` and `fix_version` fields based on the incoming scan report. ## Release notes Check the [Release Notes](https://github.com/DefectDojo/django-DefectDojo/releases/tag/2.52.0) for the contents of the release. From 165e13ceb740627e916e0744ca3a28ce049cb70d Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Tue, 4 Nov 2025 08:38:34 +0100 Subject: [PATCH 21/21] update --- docs/content/en/open_source/upgrading/2.52.md | 3 --- docs/content/en/open_source/upgrading/2.53.md | 3 +++ 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/content/en/open_source/upgrading/2.52.md b/docs/content/en/open_source/upgrading/2.52.md index 677aa33e614..20eef3fb214 100644 --- a/docs/content/en/open_source/upgrading/2.52.md 
+++ b/docs/content/en/open_source/upgrading/2.52.md @@ -92,8 +92,5 @@ There are other instructions for upgrading to 2.52.x. Check the [Release Notes]( Mobsfscan Scan" has been merged into the "MobSF Scan" parser. The "Mobsfscan Scan" scan_type has been retained to keep deduplication working for existing Tests, but users are encouraged to move to the "MobSF Scan" scan_type. -## Reimport updates fields fix_available and fix_version -Reimport will update existing findings `fix_available` and `fix_version` fields based on the incoming scan report. - ## Release notes Check the [Release Notes](https://github.com/DefectDojo/django-DefectDojo/releases/tag/2.52.0) for the contents of the release. diff --git a/docs/content/en/open_source/upgrading/2.53.md b/docs/content/en/open_source/upgrading/2.53.md index 7eafce4e660..b1aad525f26 100644 --- a/docs/content/en/open_source/upgrading/2.53.md +++ b/docs/content/en/open_source/upgrading/2.53.md @@ -5,3 +5,6 @@ weight: -20251103 description: No special instructions. --- There are no special instructions for upgrading to 2.53.x. Check the [Release Notes](https://github.com/DefectDojo/django-DefectDojo/releases/tag/2.53.0) for the contents of the release. + +## Reimport updates fields fix_available and fix_version +Reimport will update existing findings `fix_available` and `fix_version` fields based on the incoming scan report.