DefectDojo · manuel-sommer · May 23, 2025 · May 26, 2025 · May 26, 2025 · May 26, 2025
@@ -2,7 +2,7 @@
 title: "MobSF Scanner"
 toc_hide: true
 ---
-Export a JSON file using the API, api/v1/report\_json.
+Export a JSON file using the API, api/v1/report\_json and import it to Defectdojo or import a JSON report from <https://github.com/MobSF/mobsfscan>
 
 ### Sample Scan Data
 Sample MobSF Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/mobsf).
@@ -2,6 +2,8 @@
 title: 'Upgrading to DefectDojo Version 2.48.x'
 toc_hide: true
 weight: -20250602
-description: No special instructions.
+description: Recalculate hashes for MobSF parser
 ---
-There are no special instructions for upgrading to 2.48.x. Check the [Release Notes](https://github.com/DefectDojo/django-DefectDojo/releases/tag/2.48.0) for the contents of the release.
+### Merging Mobsfscan Scan and MobSF Scan
+
+The two scan types Mobsfscan Scan and MobSF Scan were merged in this release. We recommend to recalculate the hashcodes if you use these parsers as the deduplication settings have been changed.
@@ -0,0 +1,55 @@
+from django.db import migrations
+import logging
+
+
+logger = logging.getLogger(__name__)
+
+
+PARSER_REFERENCES = ['Mobsfscan Scan']
+
+
+def update_parser_test(test, parser_test_type) -> None:
+    if test.test_type.name in PARSER_REFERENCES or test.scan_type in PARSER_REFERENCES:
+        test.test_type = parser_test_type
+        test.scan_type = parser_test_type.name
+        test.save()
+
+
+# Update the found_by field to remove Mobsfscan Scan and add MobSF Scan
+def update_parser_finding(finding, newparser_test_type, parser_test_type) -> None:
+    # Check if old parser is in found by list and remove
+    if parser_test_type in finding.found_by.all():
+        finding.found_by.remove(parser_test_type.id)
+    # Check if new parser is already in list somehow before adding it
+    if newparser_test_type not in finding.found_by.all():
+        finding.found_by.add(newparser_test_type.id)
+    finding.save()
+
+
+# Update all finding objects that came from Mobsfscan Scan reports
+def forward_merge_parser(apps, schema_editor):
+    finding_model = apps.get_model('dojo', 'Finding')
+    test_type_model = apps.get_model('dojo', 'Test_Type')
+    # Get or create MobSF Scan Test Type and fetch the Mobsfscan Scan test types
+    newparser_test_type, _ = test_type_model.objects.get_or_create(name="MobSF Scan", defaults={"active": True})
+    parser_test_type = test_type_model.objects.filter(name="Mobsfscan Scan").first()
+    # Get all the findings found by Mobsfscan Scan
+    findings = finding_model.objects.filter(test__scan_type__in=PARSER_REFERENCES)
+    logger.warning(f'We identified {findings.count()} Mobsfscan Scan findings to migrate to MobSF Scan findings')
+    # Iterate over all findings and change
+    for finding in findings:
+        # Update the found by field
+        update_parser_finding(finding, newparser_test_type, parser_test_type)
+        # Update the test object
+        update_parser_test(finding.test, newparser_test_type)
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('dojo', '0229_alter_finding_unique_id_from_tool'),
+    ]
+
+    operations = [
+        migrations.RunPython(forward_merge_parser),
+    ]
@@ -1262,7 +1262,6 @@ def saml2_attrib_map_format(din):
     "Dockle Scan": ["title", "description", "vuln_id_from_tool"],
     "Dependency Track Finding Packaging Format (FPF) Export": ["component_name", "component_version", "vulnerability_ids"],
     "Horusec Scan": ["title", "description", "file_path", "line"],
-    "Mobsfscan Scan": ["title", "severity", "cwe", "file_path", "description"],
     "Tenable Scan": ["title", "severity", "vulnerability_ids", "cwe", "description"],
     "Nexpose Scan": ["title", "severity", "vulnerability_ids", "cwe"],
     # possible improvement: in the scanner put the library name into file_path, then dedup on cwe + file_path + severity
@@ -1323,7 +1322,7 @@ def saml2_attrib_map_format(din):
     "HCLAppScan XML": ["title", "description"],
     "HCL AppScan on Cloud SAST XML": ["title", "file_path", "line", "severity"],
     "KICS Scan": ["file_path", "line", "severity", "description", "title"],
-    "MobSF Scan": ["title", "description", "severity"],
+    "MobSF Scan": ["title", "description", "severity", "file_path"],
     "MobSF Scorecard Scan": ["title", "description", "severity"],
     "OSV Scan": ["title", "description", "severity"],
     "Snyk Code Scan": ["vuln_id_from_tool", "file_path"],
@@ -1381,7 +1380,6 @@ def saml2_attrib_map_format(din):
     "Cloudsploit Scan": True,
     "SonarQube Scan": False,
     "Dependency Check Scan": True,
-    "Mobsfscan Scan": False,
     "Tenable Scan": True,
     "Nexpose Scan": True,
     "NPM Audit Scan": True,
@@ -1490,7 +1488,6 @@ def saml2_attrib_map_format(din):
     "Crunch42 Scan": DEDUPE_ALGO_UNIQUE_ID_FROM_TOOL,
     "Dependency Track Finding Packaging Format (FPF) Export": DEDUPE_ALGO_HASH_CODE,
     "Horusec Scan": DEDUPE_ALGO_HASH_CODE,
-    "Mobsfscan Scan": DEDUPE_ALGO_HASH_CODE,
     "SonarQube Scan detailed": DEDUPE_ALGO_UNIQUE_ID_FROM_TOOL,
     "SonarQube Scan": DEDUPE_ALGO_HASH_CODE,
     "SonarQube API Import": DEDUPE_ALGO_HASH_CODE,