Skip to content

Reimport: Do not reactivate endpoint statuses with special statuses#14402

Open
Maffooch wants to merge 7 commits intobugfixfrom
endpoint-status-reimport-do-not-reactive-special-status
Open

Reimport: Do not reactivate endpoint statuses with special statuses#14402
Maffooch wants to merge 7 commits intobugfixfrom
endpoint-status-reimport-do-not-reactive-special-status

Conversation

@Maffooch
Copy link
Contributor

@Maffooch Maffooch commented Feb 26, 2026
edited
Loading

Problem:

Endpoints previously marked as false positive, out of scope, or risk accepted could still be reactivated or associated with findings during reimport. This caused:

  • Unintended endpoint reactivation
  • Incorrect association with existing findings
  • Inconsistent endpoint state handling

Solution:

This update changes the reimport behavior to exclude endpoints with special statuses. Specifically:

  • Endpoints marked as false positive, out of scope, or risk accepted will not be reactivated.
  • Findings now only consider actionable endpoints.
  • Endpoint lifecycle management is now more predictable and accurate.

Behavior Changes:

  • Reimport no longer affects endpoints with excluded statuses.
  • Findings associations remain accurate and only include relevant endpoints.
  • Reduces noise and prevents accidental state changes for intentionally excluded endpoints.

Impact:

  • Improves data integrity and accuracy in endpoint management.
  • Ensures the system respects endpoint status semantics.
  • Reduces confusion and potential errors during reimport operations.

@Maffooch Maffooch closed this Feb 26, 2026
@Maffooch Maffooch reopened this Feb 26, 2026
@Maffooch Maffooch marked this pull request as ready for review February 26, 2026 23:03
@Maffooch Maffooch requested a review from mtesauro as a code owner February 26, 2026 23:03
@Maffooch Maffooch changed the title Exclude certain endpoint statuses from findings Reimport: Do not reactivate endpoint statuses with special statuses Feb 26, 2026
@Maffooch
fix(location_manager): exclude special endpoint statuses from reactiv…
d243e11 
…ation logic

fix(location): optimize get_or_create methods for LocationFindingReference and LocationProductReference

test(import_reimport): enhance tests to skip reactivation for special statuses in endpoint and location contexts
@Maffooch
fix(test_importers_performance): update expected query and async task…
d311afb 
… counts for performance tests
@Maffooch Maffooch requested a review from dogboat February 27, 2026 03:19
@valentijnscholten
Copy link
Member

valentijnscholten commented Feb 27, 2026

We should find a way to do this without 40 extra database queries.

@valentijnscholten
perf(endpoint_manager): avoid double queryset evaluation in update_en…
12a1781 
…dpoint_status

Evaluate existing_finding_endpoint_status_list once into a list with
select_related("endpoint") before the two list comprehensions, preventing
a duplicate DB hit and N+1 endpoint lookups. Update expected performance
test counts to reflect the reduced query counts.
@valentijnscholten
perf(endpoint_manager): use prefetched status_finding_non_special to …
dba99be 
…avoid extra DB queries

Add a named Prefetch to build_candidate_scope_queryset that fetches only
non-special endpoint statuses (excluding false_positive, out_of_scope,
risk_accepted) with their endpoint joined in via select_related. This
replaces the two separate "status_finding" and "status_finding__endpoint"
prefetches with a single query and avoids per-finding DB hits in
update_endpoint_status and process_matched_special_status_finding.

Update expected performance test counts to reflect the reduced query counts.
@valentijnscholten
Copy link
Member

valentijnscholten commented Feb 27, 2026

We should find a way to do this without 40 extra database queries.

Done, it's now 1 query less than dev instead of 40 more :-)

@Maffooch
Copy link
Contributor Author

Maffooch commented Feb 27, 2026

@valentijnscholten you're my hero - thanks for taking this into a better direction!

@Maffooch Maffooch added this to the 2.56.0 milestone Feb 27, 2026
mtesauro
mtesauro approved these changes Feb 27, 2026
View reviewed changes
Copy link
Contributor

@mtesauro mtesauro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mtesauro mtesauro mtesauro approved these changes

@valentijnscholten valentijnscholten valentijnscholten approved these changes

@dogboat dogboat dogboat approved these changes

@Jino-T Jino-T Awaiting requested review from Jino-T

@blakeaowens blakeaowens Awaiting requested review from blakeaowens

At least 4 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

unittests

Projects

None yet

Milestone

2.56.0

Development

Successfully merging this pull request may close these issues.

4 participants

@Maffooch @valentijnscholten @mtesauro @dogboat