Description
With secureCodeBox we would like to import generic secureCodeBox findings through DefectDojo's importer API. Currently, we're retrieving the Test Type using TestTypeService. This is, however, no longer necessary, as DefectDojo is able to determine the scan type automatically:
The ImportScanSerializer uses the scan_type and ReImportScanSerializer uses test (existing test ID).
This wrapper client, however, does not properly reflect the serializer.
Please take a look at the serializers:
ImportScanSerializer:
https://github.com/DefectDojo/django-DefectDojo/blob/aab58b08e7f309158373e6ab68ec0cf2a8bb5bf7/dojo/api_v2/serializers.py#L1049-L1146
ReImportScanSerializer:
https://github.com/DefectDojo/django-DefectDojo/blob/aab58b08e7f309158373e6ab68ec0cf2a8bb5bf7/dojo/api_v2/serializers.py#L1149-L1224
Once this wrapper is up-to-date with DefectDojo's API, we can update secureCodeBox's persistence-provider for DefectDojo and properly make use of the new secureCodeBox parser #443!
For testing purposes, you can also take a look at how you can import scan results in the UI. It only takes the scan type.
If you need any help debugging or testing, let me know!