Skip to content

Check statusCategory instead of the resolution field for Jira issue status#14611

Open
derda17 wants to merge 3 commits intoDefectDojo:devfrom
derda17:feature/check_statusCategory
Open

Check statusCategory instead of the resolution field for Jira issue status#14611
derda17 wants to merge 3 commits intoDefectDojo:devfrom
derda17:feature/check_statusCategory

Conversation

@derda17
Copy link
Copy Markdown

@derda17 derda17 commented Mar 30, 2026

Description

PR for #14347

The status category is mainly used to decide if a jira issue is active or not. If the status is undefined (this may happen for old Jira projects that have not migrated properly to status categories), the resolution is still being checked. So I kept the most of the original logic for backwards compatibility.
In the resolution check there were some attribute checks missing and the resolution object was compared to a string "None", this always returned False. I adapted this.

Test results

Added a JIRAHelperTest test suite, that test various combinations of status categories and resolutions.

Documentation

I could not find a documentation that needs adjustments. Let me know if there is one.

Checklist

This checklist is for your information.

  • Make sure to rebase your PR against the very latest dev.
  • Features/Changes should be submitted against the dev.
  • Bugfixes should be submitted against the bugfix branch.
  • Give a meaningful name to your PR, as it may end up being used in the release notes.
  • Your code is Ruff compliant (see ruff.toml).
  • Your code is python 3.13 compliant.
  • If this is a new feature and not a bug fix, you've included the proper documentation in the docs at https://github.com/DefectDojo/django-DefectDojo/tree/dev/docs as part of this PR.
  • Model changes must include the necessary migrations in the dojo/db_migrations folder.
  • Add applicable tests to the unit tests.
  • Add the proper label to categorize your PR.

@Maffooch Maffooch marked this pull request as draft April 3, 2026 19:40
@synaos-bwi
Check statusCategory for Jira issue status
0615260 
* status category is mainly used to decide if a jira issue is active or not
* if the category is undefined or an unknown status, fall back to resolution checking
* the resolution object was compared to a string "None", this always
  returned False
* provide unit tests for new functionality
@synaos-bwi
removed trailing whitespace
4a2fa85
@derda17 derda17 force-pushed the feature/check_statusCategory branch from 296576d to 4a2fa85 Compare April 17, 2026 09:20
@derda17 derda17 marked this pull request as ready for review April 17, 2026 09:22
@derda17 derda17 marked this pull request as draft April 17, 2026 12:45
@derda17
Copy link
Copy Markdown
Author

derda17 commented Apr 17, 2026

Some Unit tests failed. I've returned the PR to draft state and will look into the failing tests.

@synaos-bwi
Fix JIRA helper tests to comply with JIRA API specification
72deeed 
  - Remove test_issue_from_jira_is_active_with_unknown_status_and_none_resolution
  - Remove test_issue_from_jira_is_active_without_status_category_with_none_string_resolution

  These tests checked for resolution field as string 'None', which violates JIRA API spec.
  According to JIRA API, resolution is either an object with properties (id, name, etc) or null,
  never a string value. Remaining 12 tests verify correct behavior per the API spec.
@derda17 derda17 marked this pull request as ready for review April 20, 2026 09:20
@dryrunsecurity
Copy link
Copy Markdown

dryrunsecurity bot commented Apr 20, 2026

DryRun Security

This pull request contains edits to a sensitive file (dojo/jira_link/helper.py) flagged twice by the configured-codepaths analyzer as potential sensitive changes; reviewers should verify these modifications against the project's .dryrunsecurity.yaml allowed paths/authors before merging.

🔴 Configured Codepaths Edit in dojo/jira_link/helper.py (drs_cffad6ab)
Vulnerability Configured Codepaths Edit
Description Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml.
🔴 Configured Codepaths Edit in dojo/jira_link/helper.py (drs_8795d2db)
Vulnerability Configured Codepaths Edit
Description Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml.

We've notified @mtesauro.

Comment to provide feedback on these findings.

Report false positive: @dryrunsecurity fp [FINDING ID] [FEEDBACK]
Report low-impact: @dryrunsecurity nit [FINDING ID] [FEEDBACK]

Example: @dryrunsecurity fp drs_90eda195 This code is not user-facing

All finding details can be found in the DryRun Security Dashboard.

@derda17 derda17 mentioned this pull request Apr 20, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Maffooch Maffooch Awaiting requested review from Maffooch Maffooch is a code owner

@mtesauro mtesauro Awaiting requested review from mtesauro mtesauro is a code owner

At least 4 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

unittests

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@derda17 @synaos-bwi