Bump easymde from 2.15.0 to 2.18.0 in /components #87
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Also added an option to return the original finding when calling the deduplication method instead of saving the duplicate, this allow us to reuse the deduplication logic in others places, reducing the amount of duplicated code and making it easier to add features that requires/uses deduplication. Last but not least, added a few docstrings <3
Now it also filters by hash_code instead of filtering only by title/cwe and looping through each finding comparing hash_codes. This greatly improves performance when working with a lot of findings with similiar title/cwe but different hash_codes.
Added:
- `Found at` field, linking to an engagement
- `Mitigated at` field, linking to an engagement
(for now, only findings closed by `close_old_findings` when importing via APIv2 have this field)
Changed:
- Rearranged fields position
- `Date mitigated` now only shows date without showing time (just like `Date discovered`)
- `Age` is now hidden when finding is mitigated
False positives should not be verified
The report contains some HTML code into it that was not being proper parsed. Now, using BeautifulSoup, we can work with tags and deliver a more precise report. Enhancements: - Handles leading blankspaces, multiple breaklines, bold text and inline/multiline code. - A more clear description. - References moved to where they belong with links that work.
* Fix internal de-duplicate in Semgrep parser * Add test data * Fix title and some attributes * Fix unit test
* Added sast_source_code field to Finding model * Added panel for sast_source_code when viewing finding * Added sast_source_code parsing to Semgrep
Changed:
- Inverted title and description
Added:
- CWE
This reverts commit 0dfb38a.
Also replication only happens when dedup on engagement is active
Added: - Open findings in develop (tag = 'dev') - Open findings in production (tag = 'prod') - Open findings in pull requests (tag = 'pr') - Open critical findings in develop (tag = 'dev') - Open critical findings in production (tag = 'prod') - Open critical findings in pull requests (tag = 'pr') - Now shows the number of findings for each option
Also refactored false positive replication functions. The modularization was improved in order to avoid code duplication.
[bot] release 2.1.0
Bumps [easymde](https://github.com/Ionaru/easy-markdown-editor) from 2.15.0 to 2.18.0. - [Release notes](https://github.com/Ionaru/easy-markdown-editor/releases) - [Changelog](https://github.com/Ionaru/easy-markdown-editor/blob/master/CHANGELOG.md) - [Commits](Ionaru/easy-markdown-editor@2.15.0...2.18.0) --- updated-dependencies: - dependency-name: easymde dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
dependencies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps easymde from 2.15.0 to 2.18.0.
Changelog
Sourced from easymde's changelog.
Commits
041594a2.18.06ab32d9Update changelog for 2.18.0950f689Update codemirror6560950Update workflow filef60c9b2Update dependencies4b48564Revert example htmld26b4e3Add toolbarButtonClassPrefix option84aafddAdd extra typing tests for previewRender4a73c912.17.0086e73bUpdate changelog for 2.17.0You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)