Age | Commit message (Collapse) | Author |
|
The functionality was moved to the more flexible
'datasource.json' files.
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
* Move the "Fetch Alt Sources" out of the authenticated user block
* Connect "Documentation" to the new User wiki page
* Minor typos and debugging line fixes
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
[YOCTO: 13099]
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
[YOCTO #13093]
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Fixes:
* Support Django development head in version check
(e.g. '2.2.dev20181217100344')
* Remove the single quotes around the comments content
* Include Documentation/Export links for Guest users
* Allow 'ip:port/acme' to link to 'acme_hello'
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Remove the app/uls scanning code in 'srtmain/urls.py' in
favor of a fixed deterministic app (and thus URL) ordering.
This will insure that any templates added to the custom app
(e.g. 'acme') will superceed content in 'srtgui', and anything
in srtgui will superceed anythinging in 'users'.
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
Ideally, these are all centralised.
|
|
|
|
|
|
|
|
All of the current init/migration are consolidated into the "0001_initial.py"
file.
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Support Django-2.2:
Move 'django.core.urlresolvers' to 'django.urls'
Disable 'register.assignment_tag' tags
Move settings 'MIDDLEWARE_CLASSES' to 'MIDDLEWARE'
Move urlpatterns 'include' to 'path'
Move 'regex.pattern' to 'pattern.regex.pattern'
Maintain Django-1.11 support
General Fixes:
Fix commit for notify_categories
Add more error halt checks during lsupdates
Add explicit 'on_delete=models.CASCADE' for all ForeignKey's
Fix 'get_defect_tag' processing
[YOCTO #13091]
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
1. Add the 'acme' product directory and URLs, including a sample
hello page, a defects toaster table, a products toaster table,
and a product table.
These can be reached under <IPADD>/acme/hello
2. Small fixes to the CVE selection page.
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
1. Create the sample "bin/acme_sample" organization data source,
to assist companies in adopting and customizing SRTool.
2. Add error detection and halting to the startup datasource scripts.
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Changes:
Repartition the data sources
Reconfigure the data sources into self-contained directories under the "bin" directory.
Implement dynamic data source discovery and import
Remove all hard coded data source data (e.g. fixtures, data, CVE lookups)
Add license files to all data sources
Django User model
Add "users" Django application dir
Login page
Self create user account page
Password change page
User access and delete management
CVE
Name sorting by hidden 'name_sort' field (CVE-nnnn-0nnnnnn)
CVE Triage
Auto import reserved CVEs
Add MITRE CVE records where NIST missing
Add data source count to triage page
Easy checkbox toggle by clicking any field
Triage any CVE status category (not just new)
Assign to any CVE status category
Object create/delete
Create/Delete Vulnerablities
Create/Delete Investigations from Vulnerablity page
Add "Historical" CVE status
When bootstraping system, all CVEs older than 60 days preset to "Historical"
Add CVEs withint 60 days preset to "New"
Can be overridden by defect and systaining status imports
Preadd Debian data for "New" CVEs
Abstraction
Add generic Product mappings to defect system ("defect_tag": defect prefix)
Add generic Product mappings to product system ("product_tag": product reference, related)
Manage functions via "srt" script
For example add superuser
Normalize Vulnerability to Investigation mapping
Replace orm_vulnerabilityproduct with orm_vulnerabilitytoinvestigation
General
Enable the 'srtool-requirements.txt' Django test
Speed the CVE scoring by pre-fetching the datasources
Progress display cleanup
Move and update srtool_defect prototype to 'bin/yp'
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Fix the NIST update check to skip the UTC offset. Add the exec to
MITRE update to create data cache dir, update report.py for cve
data source schema changes.
[YOCTO #12996]
[YOCTO #12997]
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Add the change list alert for non-vulnerable CVE triage. Fix
the mistaken error message from srtool_common.py.
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Changes:
* Local CVE rename support
* Fix CVE edit submit
* Move tools links to topbar
* Fix year extraction
* Add is_local flag for CVEs
* Revise local CVE naming
* Common page header class for inline buttons
* Fix url links for named inv/vul URLs
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Add the ability to edit the names for local
CVE's. This can specifically be used to create
placeholders for reserved CVEs (which are not
included in the NIST data) and then download the
data from the alternate CVE sources.
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Summary:
* CVE management enhancements
* Lookup Mitre, Red Hat, Debian
* Local CVE's
* Edit CVE's
* CVE triage: create defects and notifications
* Packages
* Table, packages to C/V/I/D
* Filter model update
* Triage filtering script
* Notifications
* Upstream CVE changes
* Upstream defect changes
* Notices and reminders
* Creation
* Emails
* Productization
* Move DataSource to Init/Update/Lookup model
* Add defect details to Management home page
* Add author to notification records
* Move fixture data and SrtSettings to JSON files
* database column mappings for scripts generated directly from database
* srtool_utils.py: add [backup|restore]_cve_packages
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
* Improve the CVE detail caching
* Fix the "_FALLBACK" settings management
* Fix the YP "samples" fixture file
* Rename "srtool_cve.py" as "srtool_nist.cy"
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
* Add incremental NIST scans and import to CVE database
* Add modified NIST scans and import to CVE database
* Moved CVE details out of SRTool database to reduce size
* Add CVE details lookup in cached CVE upstream files
* Added edit support for Vulnerabilies and Investigations
* Comments
* Attachments and downloads
* Product list
* History audit trail
* Add Vulnerability and Investigation creation from CVE triage
* Add user id to session variables
* Add defect import placeholder script
* Modularize the fixture files for common versus site-specific setup
Signed-off-by: Moayer, Puya <Puya.Moayer@windriver.com>
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
executable
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Signed-off-by: David Reyna <David.Reyna@windriver.com>
|
|
Add Sumo (YP-2.5) to the release selection for new projects.
[YOCTO #12713]
Signed-off-by: David Reyna <david.reyna@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Prevent movefile from falsely setting the source file's owner and
permissions on the destination directory instead of the destination
file when moving between devices.
This bug caused the last file moved into a directory to dictate the
directory's owner and permissions.
Signed-off-by: Mattias Hansson <mattias.hansson@axis.com>
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We'd like layers to set this variable so that we know which layers are compatible
with which others, even if the branch is a generic un-updated "master" branch.
Start printing a warning to highlight this issue.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Explicitly capture and ignore errors when trying to load the optional
'custom.xml' fixture file.
[YOCTO #12554]
Signed-off-by: David Reyna <David.Reyna@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Before, explode_dep_versions2 would sort the OrderedDict before
returning. This function will still sort the OrderedDict by default, but
will now have the option to return the OrderedDict unsorted. This option will
allow us to check if the order of the package list has changed.
Signed-off-by: Amanda Brindle <amanda.r.brindle@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The base configuration needs key expansion and anon python execution,
the parsed configurations do not. Fix this consistently, its been
broken and causing double key expansion for a while, only relised
when we started double anonymous python exeution too.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The output of bitbake -e can differ from what actually is used due
to anonymous python making changes to the data store. Execute any
anonymous python added in the base configuration to make things
more consistent.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This allows us to call this code from other contexts without
duplicating it.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If a standalone tasks adds a dependency on X:do_build, the code in runqueue would
currently remove it if that do_build was part of an image recipe which uses
recrdeptask on do_build.
Such individual tasks shouldn't do this, therefore tweak the recursive reference code
to only process recurseive tasks, not all tasks.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The '--all'' fetches all remotes, including the ones in $HOME/.gitconfig, which
causes the fetching very slow, so don't use "--all", git fetch should be
enough.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|