Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Story #11699 add persistent identifier configuration to management contracts #1556

Merged
merged 1 commit into from
Dec 4, 2023
Merged

Story #11699 add persistent identifier configuration to management contracts #1556

merged 1 commit into from
Dec 4, 2023

Conversation

Regzox
Copy link
Contributor

@Regzox Regzox commented Nov 24, 2023

Description

Ajoute le panneau de configuration des identifiants pérennes dans l'application de gestion des contrats de gestion.

@Regzox Regzox force-pushed the story_11699__add_permanent_identifier_configuration_to_management_contracts branch 2 times, most recently from 21b068c to d8f3e3b Compare November 24, 2023 14:52
@vitam-devops
Copy link
Collaborator

vitam-devops commented Nov 24, 2023
edited
Loading

Logo
Checkmarx One – Scan Summary & Detailsd857259b-6b05-4670-89ff-9c9aea60b95a

New Issues

Severity Issue Source File / Package Checkmarx Insight
HIGH CVE-2019-15599 Npm-tree-kill-1.2.1 Vulnerable Package
HIGH CVE-2020-28502 Npm-xmlhttprequest-ssl-1.5.5 Vulnerable Package
HIGH CVE-2020-36048 Npm-engine.io-3.2.1 Vulnerable Package
HIGH CVE-2020-36049 Npm-socket.io-parser-3.2.0 Vulnerable Package
HIGH CVE-2020-7660 Npm-serialize-javascript-1.9.1 Vulnerable Package
HIGH CVE-2020-7788 Npm-ini-1.3.5 Vulnerable Package
HIGH CVE-2021-31597 Npm-xmlhttprequest-ssl-1.5.5 Vulnerable Package
HIGH CVE-2022-2421 Npm-socket.io-parser-3.2.0 Vulnerable Package
HIGH CVE-2023-32695 Npm-socket.io-parser-3.2.0 Vulnerable Package
MEDIUM CVE-2019-16769 Npm-serialize-javascript-1.9.1 Vulnerable Package
MEDIUM CVE-2020-15366 Npm-ajv-6.10.0 Vulnerable Package
MEDIUM CVE-2020-15366 Npm-ajv-5.5.2 Vulnerable Package
MEDIUM CVE-2020-28481 Npm-socket.io-2.1.1 Vulnerable Package
MEDIUM CVE-2020-7693 Npm-sockjs-0.3.19 Vulnerable Package
MEDIUM CVE-2021-23364 Npm-browserslist-4.5.5 Vulnerable Package
MEDIUM CVE-2021-23495 Npm-karma-4.1.0 Vulnerable Package
MEDIUM CVE-2022-0437 Npm-karma-4.1.0 Vulnerable Package
MEDIUM CVE-2022-21704 Npm-log4js-4.5.1 Vulnerable Package
MEDIUM CVE-2022-41940 Npm-engine.io-3.2.1 Vulnerable Package
MEDIUM Unchecked_Input_for_Loop_Condition /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/ManagementContractInternalController.java: 155 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/ExternalParamProfileInternalController.java: 135 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/ExternalParamProfileInternalController.java: 135 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/CustomerInternalController.java: 186 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/ExternalParamProfileInternalController.java: 135 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/ManagementContractInternalController.java: 155 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/ManagementContractInternalController.java: 155 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/ManagementContractInternalController.java: 155 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/ManagementContractInternalController.java: 155 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/CustomerInternalController.java: 186 Attack Vector
LOW Log_Forging /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/ProfileExternalController.java: 108 Attack Vector
LOW Log_Forging /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/CustomerController.java: 158 Attack Vector
LOW Log_Forging /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/CustomerExternalController.java: 126 Attack Vector
LOW Log_Forging /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/UserExternalController.java: 136 Attack Vector
LOW Log_Forging /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/OwnerExternalController.java: 93 Attack Vector
LOW Log_Forging /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/TenantExternalController.java: 96 Attack Vector
LOW Log_Forging /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/GroupExternalController.java: 107 Attack Vector
LOW Log_Forging /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/ExternalParamProfileExternalController.java: 118 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/IngestContractInternalController.java: 128 Attack Vector
LOW Log_Forging /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/ExternalParamProfileController.java: 162 Attack Vector
LOW Log_Forging /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/OwnerController.java: 129 Attack Vector
LOW Log_Forging /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/GroupController.java: 137 Attack Vector
LOW Log_Forging /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/TenantController.java: 150 Attack Vector
LOW Log_Forging /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/UserController.java: 182 Attack Vector
LOW Log_Forging /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/ProfileController.java: 119 Attack Vector

Fixed Issues

Severity Issue Source File / Package
HIGH Missing User Instruction /Dockerfile: 10
HIGH Missing User Instruction /Dockerfile: 10
HIGH Missing User Instruction /Dockerfile: 11
HIGH Missing User Instruction /Dockerfile: 10
HIGH No New Privileges Not Set /docker-compose.yml: 10
HIGH No New Privileges Not Set /vitam-dev.yml: 19
HIGH No New Privileges Not Set /vitam-recette.yml: 54
HIGH No New Privileges Not Set /vitam-recette.yml: 17
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 132
HIGH Passwords And Secrets - Generic Password /logstash.yml: 225
HIGH Passwords And Secrets - Generic Password /mongo_cluster.yml: 11
HIGH Passwords And Secrets - Generic Password /application.yml: 44
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 52
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 30
HIGH Passwords And Secrets - Generic Password /application.yml: 42
HIGH Passwords And Secrets - Generic Password /application.yml: 42
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 48
HIGH Passwords And Secrets - Generic Password /mongo_vars_dev.yml: 60
HIGH Passwords And Secrets - Generic Password /logstash.yml: 227
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 52
HIGH Passwords And Secrets - Generic Password /application.yml: 30
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 56
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 87
HIGH Passwords And Secrets - Generic Password /logstash.yml: 221
HIGH Passwords And Secrets - Generic Password /application.yml: 47
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 80
HIGH Passwords And Secrets - Generic Password /application.yml: 57
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 149
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 141
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 5
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 54
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 131
HIGH Passwords And Secrets - Generic Password /application.yml: 76
HIGH Passwords And Secrets - Generic Password /application.yml: 31
HIGH Passwords And Secrets - Generic Password /mongo_dev.yml: 37
HIGH Passwords And Secrets - Generic Password /application.yml: 37
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 78
HIGH Passwords And Secrets - Generic Password /application.yml: 53
HIGH Passwords And Secrets - Generic Password /mongo_vars_dev.yml: 29
HIGH Passwords And Secrets - Generic Password /application.yml: 40
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 32
HIGH Passwords And Secrets - Generic Password /application.yml: 27
HIGH Passwords And Secrets - Generic Password /mongo_vars_dev.yml: 44
HIGH Passwords And Secrets - Generic Password /cas-server-application-dev.yml: 19
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 75
HIGH Passwords And Secrets - Generic Password /application-integration.yml: 12
HIGH Passwords And Secrets - Generic Password /application.yml: 40
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 73
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 21
HIGH Passwords And Secrets - Generic Password /mongo_vars_dev.yml: 34
HIGH Passwords And Secrets - Generic Password /application.yml: 31
HIGH Passwords And Secrets - Generic Password /application.yml: 33
HIGH Passwords And Secrets - Generic Password /application.yml: 41
HIGH Passwords And Secrets - Generic Password /cas-server-application-dev.yml: 15
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 113
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 93
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 33
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 20
HIGH Passwords And Secrets - Generic Password /cas-server-application-recette.yml: 14
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 29
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 82
HIGH Passwords And Secrets - Generic Password /application.yml: 40
HIGH Passwords And Secrets - Generic Password /application-integration.yml: 47
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 46
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 105
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 34
HIGH Passwords And Secrets - Generic Password /application.yml: 53
HIGH Passwords And Secrets - Generic Password /mongo_vars_dev.yml: 55
HIGH Passwords And Secrets - Generic Password /application-integration.yml: 66
HIGH Passwords And Secrets - Generic Password /logstash.yml: 244
HIGH Passwords And Secrets - Generic Password /application.yml: 46
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 128
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 38
HIGH Passwords And Secrets - Generic Password /application.yml: 27
HIGH Passwords And Secrets - Generic Password /application.yml: 76
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 119
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 9
HIGH Passwords And Secrets - Generic Password /application.yml: 42
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 30
HIGH Passwords And Secrets - Generic Password /application.yml: 97
HIGH Passwords And Secrets - Generic Password /application.yml: 81
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 99
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 21
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 35
HIGH Passwords And Secrets - Generic Password /logstash.yml: 242
HIGH Passwords And Secrets - Generic Password /application.yml: 77
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 58
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 26
HIGH Passwords And Secrets - Generic Password /application.yml: 97
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 23
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 12
HIGH Passwords And Secrets - Generic Password /application.yml: 54
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 104
HIGH Passwords And Secrets - Generic Password /application.yml: 29
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 77
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 33
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 101
HIGH Passwords And Secrets - Generic Password

More results are available on AST platform

@Regzox Regzox force-pushed the story_11699__add_permanent_identifier_configuration_to_management_contracts branch 3 times, most recently from e3b09af to 5f7ee71 Compare November 27, 2023 16:09
@Regzox Regzox added enhancement New feature or request javascript Pull requests that update Javascript code java Pull requests that update Java code VAS VAS contribution labels Nov 27, 2023
@Regzox Regzox self-assigned this Nov 27, 2023
@Regzox Regzox added this to the IT 128 milestone Nov 27, 2023
@Regzox Regzox force-pushed the story_11699__add_permanent_identifier_configuration_to_management_contracts branch 2 times, most recently from 4b519ad to 8e8209f Compare November 27, 2023 16:38
@bbenaissa bbenaissa changed the title Story #11699 add permanent identifier configuration to management contracts Story #11699 add persistent identifier configuration to management contracts Dec 1, 2023
@lgheribi
Copy link
Collaborator

lgheribi commented Dec 1, 2023

plus tard, revoir le $unset si besoin

@lgheribi
Copy link
Collaborator

lgheribi commented Dec 1, 2023

Idélament renommer les Permanent* en Persistent

@Regzox Regzox force-pushed the story_11699__add_permanent_identifier_configuration_to_management_contracts branch from 3af2455 to 9a2caf3 Compare December 1, 2023 20:05
@Regzox Regzox force-pushed the story_11699__add_permanent_identifier_configuration_to_management_contracts branch from 9a2caf3 to fea2055 Compare December 4, 2023 12:07
@GiooDev GiooDev merged commit b5b1ea9 into develop Dec 4, 2023
@GiooDev GiooDev deleted the story_11699__add_permanent_identifier_configuration_to_management_contracts branch December 4, 2023 13:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@laedanrex laedanrex laedanrex approved these changes

@lgheribi lgheribi lgheribi approved these changes

Assignees

@Regzox Regzox

Labels
enhancement New feature or request java Pull requests that update Java code javascript Pull requests that update Javascript code VAS VAS contribution
Projects
None yet
Milestone
IT 128
Development

Successfully merging this pull request may close these issues.
5 participants
@Regzox @vitam-devops @lgheribi @laedanrex @GiooDev