-
Notifications
You must be signed in to change notification settings - Fork 55
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Set default findingtype risk in model instead of in bit #3562
base: main
Are you sure you want to change the base?
Conversation
…coordination into set-default-risk-in-model
…coordination into set-default-risk-in-model
Hmm, can we still store an 'unknown' severity for findings that we could not hydrate / have no information due to an embargo? |
Before, the default was unset and immediately after creation, the bit would set it to 0.0. In the time between creating the finding and setting the value to 0.0, the finding would be invisible (this would be very very short/ unnoticeable). This behavior is now better. After a while, the boefje would try to find the score, if it didn't succeed, it would set the value to 10.0. This behavior is unchanged. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just one question to confirm. Looks good otherwise
a33a9b1
to
f885652
Compare
Changes
Set default findingtype risk in model instead of in bit
Demo
No functional changes
QA notes
Turn of kat-finding-types boefje
Create Hostname with L1
See that finding types appear
Make sure that they are "Pending"
Make sure that no reports are broken with these FindingTypes
Also check with migrations: do the same as above in main and then switch to this branch and "make" again. Rerun bits. Everything should still work
Code Checklist
.env
changes files if required and changed the.env-dist
accordingly.Checklist for code reviewers:
Copy-paste the checklist from the docs/source/templates folder into your comment.
Checklist for QA:
Copy-paste the checklist from the docs/source/templates folder into your comment.