search

awslabs / threat-composer

A simple threat modeling tool to help humans to reduce time-to-value when threat modeling
https://awslabs.github.io/threat-composer/
Apache License 2.0
443 stars 50 forks source link

[BUG] Threats/mitigations from reference packs cause re-import of saved workspace to fail #143

Open idpdevops opened 9 hours ago

idpdevops commented 9 hours ago

Describe the bug

When I add mitigations from the reference packs to a threat model and then save the model, then I can't re-import the file - it throws an error. It happens even if I delete the workspace, re-create it and then import the file.

image (4)

Expected Behavior

I would expect the saved file to be loaded without errors.

Current Behavior

An error occurs, see attached screenshot image (4)

Reproduction Steps

  1. Create a workspace
  2. Add a threat and a mitigation from one of the threat/mitigation packs (even a single threat causes the problem)
  3. Export the workspace
  4. Delete the workspace
  5. Create a workspace
  6. Import the previously exported file
  7. Error occurs

Possible Solution

n/a

Additional Information/Context

No response

idpdevops commented 9 hours ago

Sorry, forgot to add this for reference

ThreatComposer_Workspace_test.tc (1).json

jessieweiyi commented 7 hours ago

Hi @idpdevops,

We have released a fix to address this issue early last week. Your browser might not run the latest deployment due to local cache. You can run a hard refresh (WITHOUT deleing local history/data) in your browser to load the latest version of threat composer. For example, if you are using Mac and Chrome, you can hold down ⌘ Cmd and ⇧ Shift key and then press R.

For exported tc json file, if validation issues are still present during re-import, you can open the file in text editor, remove all the "comments" (all lower case) field and value under mitigations props and reimport again.