Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reduce severity classes #1288

Merged
merged 22 commits into from
Sep 22, 2020
Merged

Reduce severity classes #1288

merged 22 commits into from
Sep 22, 2020

Conversation

janowagner
Copy link
Member

@janowagner janowagner commented Sep 5, 2020
edited
Loading

The support for multiple severity class ranges is removed.
There is now only one classification scheme (the one previously
called "nist"). Actually there was only one other classification scheme called
"pci-dss". It wasn't used or needed.

With applying a single default scheme code and database operations can
be simplified.

Basically all code elements are removed, including a migrator
that removes any such setting from the database.

The "report" XML element does not include the severity classification with
its range details (as element ""severity_class) anymore and the "authenticate_response"
XML does not include the "severity" element anymore.

Checklist:

This was referenced Sep 9, 2020
Closed
Merged
@janowagner janowagner marked this pull request as ready for review September 10, 2020 12:54
mattmundell
mattmundell requested changes Sep 14, 2020
View reviewed changes
src/manage_pg.c Show resolved Hide resolved
src/manage_pg.c Outdated Show resolved Hide resolved
src/manage_pg.c Outdated Show resolved Hide resolved
src/manage_pg.c Outdated Show resolved Hide resolved
@mattmundell
Copy link
Contributor

Also, it's missing the changes to the GMP doc.

@janowagner
Retrurn only nist classes for XML 'severity_class'
ea48fe8 
Returns always the same string with the nist classes.
'pci-dss' is removed.
@janowagner
Drop severity computations for class pci-dss
c8378eb 
The nist classes are now always applied for the
computations.
@janowagner
Drop severiy computation for class pci-dss
9331d95 
The computations for class 'nist' are now always
applied.
@janowagner
Drop SQL computations for class 'pci-dss'
ebff096 
Now always the nist classes are applied.
@janowagner
Fix syntax error in SQL from last commit
e55f69a
@janowagner
Do not retrieve severity class from user settings
d32f7b6 
The nist classes are applied anway, so do not pull
the user setting about classes.
@janowagner
Do severity class evaluation directly
30caeb2 
Copy over the actual evaluation into the main severity_in_level
SQL function.
@janowagner
Remove now unused SQL function.
f100ce0
@janowagner
Resolve setting_severity().
889c0b7 
The places where it was called use the default string
'nist' directly.
@janowagner
No need to add the setting about severity classes.
e630516
@janowagner
No need to handle severity_class setting.
4c3f480
@janowagner
Substitute a severity_class variable.
40d5069
@janowagner
Remove param for severity class.
f3aa67c
@janowagner
Drop now unused param for severity class.
1471671
@janowagner
Resolve one severity class variable.
7143676
@janowagner
Remove element severity from authenticate_response.
9387e64 
The element "severity" with its meanwhile static value "nist"
is removed from the element "authenticate_response".
@janowagner
Drop element severity_class from elemnt report
0c2dc4b 
Since there is only a single static classes, it does not
need to be send anymore with its range details.
@janowagner
Add migrator to drop Severity Class from settings
db15b5d
@janowagner
Add ChangeLog.
da0c857
@janowagner
Fix formatting.
c51af02
@janowagner
Re-add wrongly removed lines about medium level.
3ead67c
@janowagner
Update GMP documentation about removal.
b41cbce
@mattmundell mattmundell merged commit 3909ce4 into greenbone:master Sep 22, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mattmundell mattmundell mattmundell approved these changes

@timopollmeier timopollmeier Awaiting requested review from timopollmeier

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@janowagner @mattmundell