fix: don't close old findings when reimport auto-creates a new test#14396
Open
valentijnscholten wants to merge 2 commits intoDefectDojo:bugfixfrom
Open
fix: don't close old findings when reimport auto-creates a new test#14396valentijnscholten wants to merge 2 commits intoDefectDojo:bugfixfrom
valentijnscholten wants to merge 2 commits intoDefectDojo:bugfixfrom
Conversation
When auto_create_context=True and the test doesn't exist yet, the reimport falls back to DefaultImporter. With close_old_findings=True, this would incorrectly close findings from other tests in the same engagement/product scope because the newly created test has no prior findings to compare against. Suppress close_old_findings for this initial-import path. Fixes DefectDojo#14363.
valentijnscholten
requested review from
Maffooch and
mtesauro
as code owners
Add test_reimport_auto_create_does_not_close_findings_in_existing_test to ImportReimportTestAPI. It calls the reimport endpoint with auto_create_context=True and close_old_findings=True targeting a non-existing test title, verifying that the existing test's findings are not closed when the endpoint auto-creates a new test. This test would fail if the close_old_findings=False override in the serializer were reverted.
Maffooch
approved these changes
Feb 26, 2026
Jino-T
approved these changes
Feb 27, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
reimport-scanis called withauto_create_context=Trueand the test does not yet exist, the endpoint falls back toDefaultImporterto create the test.close_old_findings=Trueis set (the reimport default),DefaultImporter.close_old_findings()queries across the engagement/product scope for findings of the same test type that don't match the newly imported hash codes — and closes them. On an empty report this closes all matching findings in other tests.close_old_findings=Falseto the importer in this path. A brand-new test has no prior findings to compare against, so closing old findings has no valid semantic here.TestTypeup front.Fixes #14363.