Skip to content

PDF Report: Show vulnerability IDs#15115

Merged
Maffooch merged 2 commits into
DefectDojo:devfrom
samiat4911:fix/report-vulnerability-ids
Jul 1, 2026
Merged

PDF Report: Show vulnerability IDs#15115
Maffooch merged 2 commits into
DefectDojo:devfrom
samiat4911:fix/report-vulnerability-ids

Conversation

@samiat4911

Copy link
Copy Markdown
Contributor

Description

Fixes #10620.

The finding PDF report table did not show vulnerability IDs, even though other report outputs already include them. This PR adds the missing conditional Vulnerability IDs column to the PDF finding report template and renders the finding's saved vulnerability IDs when present.

The PDF report header now includes:

{% if finding.vulnerability_ids %}
    <th>Vulnerability IDs</th>
{% endif %}

The PDF report data row now includes:

{% if finding.vulnerability_ids %}
    <td>{{ finding.vulnerability_ids }}</td>
{% endif %}

I also added coverage to the existing PDF report rendering tests:

def test_report_finding_table_includes_vulnerability_ids(self):
    """Finding PDF reports should show vulnerability IDs in the finding table."""
    finding = self._create_finding()
    Vulnerability_Id.objects.create(finding=finding, vulnerability_id="CVE-2026-12345")

    html = self._render_finding_report(Finding.objects.filter(pk=finding.pk))

    self.assertIn("Vulnerability IDs", html)
    self.assertIn("CVE-2026-12345", html)

Test results

Ideally you extend the test suite in tests/ and dojo/unittests to cover the changed in this PR.
Alternatively, describe what you have and haven't tested.

Documentation

Passed:

python -m compileall unittests\test_pdf_report_rendering.py

Passed with the existing staticfiles warning for /app/components/node_modules:

docker compose -f docker-compose.yml -f docker-compose.override.unit_tests.yml run --rm --entrypoint "python manage.py check" uwsgi

Passed, 7 tests OK:

docker compose -f docker-compose.yml -f docker-compose.override.unit_tests.yml run --rm --entrypoint "python manage.py test unittests.test_pdf_report_rendering.TestPdfReportTextWrapping -v2 --keepdb" uwsgi

Passed:

ruff check --isolated unittests/test_pdf_report_rendering.py

Full local ruff check could not run because local ruff 0.15.2 does not recognize the repo config selector PLW0717.
Checklist

This checklist is for your information.

  • Make sure to rebase your PR against the very latest dev.
  • Features/Changes should be submitted against the dev.
  • Bugfixes should be submitted against the bugfix branch.
  • Give a meaningful name to your PR, as it may end up being used in the release notes.
  • Your code is Ruff compliant (see ruff.toml).
  • Your code is python 3.13 compliant.
  • If this is a new feature and not a bug fix, you've included the proper documentation in the docs at https://github.com/DefectDojo/django-DefectDojo/tree/dev/docs as part of this PR.
  • Model changes must include the necessary migrations in the dojo/db_migrations folder.
  • Add applicable tests to the unit tests.
  • Add the proper label to categorize your PR.

@mtesauro mtesauro left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved

@Maffooch Maffooch added this to the 3.1.0 milestone Jul 1, 2026
@valentijnscholten valentijnscholten changed the title Show vulnerability IDs PDF Report: Show vulnerability IDs Jul 1, 2026
@Maffooch Maffooch merged commit 1172f02 into DefectDojo:dev Jul 1, 2026
148 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants