DefectDojo date/time parsing bug #582
Description
🐞 Bug report
Describe the bug
The DefectDojo persistence Hook seems to have an bug parsing some findings:
Exception in thread "main" com.fasterxml.jackson.databind.exc.InvalidDefinitionException: Java 8 date/time type `java.time.LocalDateTime` not supported by default: add Module "com.fasterxml.jackson.datatype:jackson-datatype-jsr310" to enable handling
at [Source: (String)"{"count":10,"next":null,"previous":null,"results":[{"id":13680,"tags":[],"request_response":{"req_resp":[]},"accepted_risks":[],"push_to_jira":false,"age":0,"sla_days_remaining":90,"finding_meta":[],"related_fields":null,"jira_creation":null,"jira_change":null,"display_status":"Inactive, Duplicate","finding_groups":[],"title":"Displays Information About Page Retrievals, Including Other Users.","date":"2021-08-09","sla_start_date":null,"cwe":0,"cve":null,"cvssv3":null,"cvssv3_score":null,"url":nu"[truncated 19279 chars]; line: 1, column: 1499] (through reference chain: io.securecodebox.persistence.defectdojo.models.DefectDojoResponse["results"]->java.util.ArrayList[0]->io.securecodebox.persistence.defectdojo.models.Finding["created"])
at com.fasterxml.jackson.databind.exc.InvalidDefinitionException.from(InvalidDefinitionException.java:67)
at com.fasterxml.jackson.databind.DeserializationContext.reportBadDefinition(DeserializationContext.java:1764)
at com.fasterxml.jackson.databind.deser.impl.UnsupportedTypeDeserializer.deserialize(UnsupportedTypeDeserializer.java:36)
at com.fasterxml.jackson.databind.deser.impl.MethodProperty.deserializeAndSet(MethodProperty.java:129)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:324)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:187)
at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer._deserializeFromArray(CollectionDeserializer.java:355)
at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer.deserialize(CollectionDeserializer.java:244)
at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer.deserialize(CollectionDeserializer.java:28)
at com.fasterxml.jackson.databind.deser.impl.MethodProperty.deserializeAndSet(MethodProperty.java:129)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:324)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:187)
at com.fasterxml.jackson.databind.deser.DefaultDeserializationContext.readRootValue(DefaultDeserializationContext.java:322)
at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4593)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3548)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3531)
at io.securecodebox.persistence.defectdojo.service.FindingService.deserializeList(FindingService.java:48)
at io.securecodebox.persistence.defectdojo.service.GenericDefectDojoService.internalSearch(GenericDefectDojoService.java:115)
at io.securecodebox.persistence.defectdojo.service.GenericDefectDojoService.search(GenericDefectDojoService.java:124)
at io.securecodebox.persistence.strategies.VersionedEngagementsStrategy.run(VersionedEngagementsStrategy.java:101)
at io.securecodebox.persistence.DefectDojoPersistenceProvider.main(DefectDojoPersistenceProvider.java:42)Example Findings File: nikto-findings.json.txt