implement a fixed version

manuel-sommer · manuel-sommer · commit c9f4c075705d · 2025-08-28T12:02:25.000+02:00
diff --git a/dojo/db_migrations/0242_finding_fix_version.py b/dojo/db_migrations/0242_finding_fix_version.py
@@ -0,0 +1,18 @@
+# Generated by Django 5.1.11 on 2025-08-28 09:16
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('dojo', '0241_remove_system_settings_time_zone'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='finding',
+            name='fix_version',
+            field=models.CharField(blank=True, help_text='Version of the affected component where the flaw will be fixed.', max_length=100, null=True, verbose_name='Fix version'),
+        ),
+    ]
diff --git a/dojo/importers/default_reimporter.py b/dojo/importers/default_reimporter.py
@@ -433,6 +433,8 @@ def process_matched_mitigated_finding(
         """
         if existing_finding.fix_available != unsaved_finding.fix_available:
             existing_finding.fix_available = unsaved_finding.fix_available
+            if existing_finding.fix_version != unsaved_finding.fix_version:
+                existing_finding.fix_version = unsaved_finding.fix_version
 
         # if the reimported item has a mitigation time, we can compare
         if unsaved_finding.is_mitigated:
@@ -542,6 +544,8 @@ def process_matched_active_finding(
             logger.debug("Reimported item matches a finding that is currently open.")
             if existing_finding.fix_available != unsaved_finding.fix_available:
                 existing_finding.fix_available = unsaved_finding.fix_available
+                if existing_finding.fix_version != unsaved_finding.fix_version:
+                    existing_finding.fix_version = unsaved_finding.fix_version
             if unsaved_finding.is_mitigated:
                 logger.debug("Reimported mitigated item matches a finding that is currently open, closing.")
                 # TODO: Implement a date comparison for opened defectdojo findings before closing them by reimporting,
diff --git a/dojo/models.py b/dojo/models.py
@@ -2416,6 +2416,11 @@ class Finding(models.Model):
                                         default=None,
                                         verbose_name=_("Fix Available"),
                                         help_text=_("Denotes if there is a fix available for this flaw."))
+    fix_version = models.CharField(null=True,
+                                         blank=True,
+                                         max_length=100,
+                                         verbose_name=_("Fix version"),
+                                         help_text=_("Version of the affected component where the flaw will be fixed."))
     impact = models.TextField(verbose_name=_("Impact"),
                                 null=True,
                                 blank=True,
diff --git a/dojo/templates/dojo/view_finding.html b/dojo/templates/dojo/view_finding.html
@@ -556,6 +556,9 @@ <h3 class="pull-left finding-title">
                 {% if finding.component_version %}
                 <th>Component Version</th>
                 {% endif %}
+                {% if finding.fix_version %}
+                <th>Fixed Version</th>
+                {% endif %}
                 {% if finding.has_jira_configured or finding.jira_issue %}
                 <th>JIRA</th>
                 <th>JIRA Change</th>
@@ -615,6 +618,13 @@ <h3 class="pull-left finding-title">
                     </span>
                 </td>
                 {% endif %}
+                {% if finding.fix_version %}
+                <td>
+                    <span>
+                        {{ finding.fix_version }}
+                    </span>
+                </td>
+                {% endif %}
                 {% if finding.has_jira_configured or finding.has_jira_issue or finding.has_jira_group_issue %}
                     <td id="jira">
                         {% if finding.has_jira_group_issue %}
diff --git a/dojo/tools/harbor_vulnerability/parser.py b/dojo/tools/harbor_vulnerability/parser.py
@@ -82,6 +82,7 @@ def get_findings(self, filename, test):
                     component_name=package_name,
                     component_version=package_version,
                     cwe=cwe,
+                    fix_version=fix_version,
                 )
                 if vulnerability_id:
                     find.unsaved_vulnerability_ids = [vulnerability_id]

Original file line number	Diff line number	Diff line change
`@@ -82,6 +82,7 @@ def get_findings(self, filename, test):`
`82`	`82`	`component_name=package_name,`
`83`	`83`	`component_version=package_version,`
`84`	`84`	`cwe=cwe,`
	`85`	`+ fix_version=fix_version,`
`85`	`86`	`)`
`86`	`87`	`if vulnerability_id:`
`87`	`88`	`find.unsaved_vulnerability_ids = [vulnerability_id]`