---
title: "[bojemoi] fix(vuln-mgmt): wire uzi + zap → DefectDojo, fix dnsmasq"
date: 2026-04-16T10:08:37+02:00
draft: false
tags: ["commit", "bojemoi", "main"]
categories: ["Git Activity"]
summary: "Commit 907b0c3 par Betty dans bojemoi"
author: "Betty"
---

## Commit `907b0c3`

| | |
|---|---|
| **Repository** | bojemoi |
| **Branch** | `main` |
| **Author** | Betty |
| **Hash** | `907b0c321c47781a69d53a787b71dab77dc91c7f` |


### Description

- borodino/thearm_uzi: migrate Faraday → DefectDojo
  - Read token from /run/secrets/dojo_api_token (no env vars)
  - Replace faraday_get_or_create_host + faraday_report_pwn
    with _dojo_get_or_create_test + dojo_report_pwn
  - Auto-creates Product/Engagement/Test hierarchy on first pwn
- oblast-1/zap_scanner.py: fix required DefectDojo fields
  - Add numerical_severity (S0-S4) to findings
  - Add found_by (test_type_id) via _dojo_test_type_cache
  - Use ZAP Scan test_type instead of Manual
- stack/70-service-defectdojo.yml: remove bad prometheus label (port 9113)
- volumes/dnsmask/01-base.conf: dojo.bojemoi.lab + defectdojo.bojemoi.lab,
  remove duplicate faraday entries

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

### Files Changed

```
M	borodino/thearm_uzi
M	oblast-1/zap_scanner.py
M	stack/70-service-defectdojo.yml
M	volumes/dnsmask/dnsmask.d/01-base.conf
```

### Diff Summary

```
 borodino/thearm_uzi                    | 192 +++++++++++++++++++++------------
 oblast-1/zap_scanner.py                |  20 +++-
 stack/70-service-defectdojo.yml        |   3 -
 volumes/dnsmask/dnsmask.d/01-base.conf |   5 +-
 4 files changed, 142 insertions(+), 78 deletions(-)
```