forked from brian1917/veracode-mitigation-copier
Open
Description
Currently, the copier copies the Approved mitigation into the destination application as Proposed instead of Approved. In addition, the Accepted Mitigation comment is also not copied.
I have noticed this behavior for SAST scan results.
The following warning is noted in the MitigationCopier.log:
WARNING - update_mitigation_info_rest - Cannot copy APPROVED mitigation for Flaw ID <FLAWID> in <APPLICATIONID>
I was able to make it work by adding 'APPROVED' to the 'ALLOWED_ACTIONS':
ALLOWED_ACTIONS = ['COMMENT', 'FP', 'APPDESIGN', 'OSENV', 'NETENV', 'REJECTED', 'ACCEPTED', 'LIBRARY', 'ACCEPTRISK', 'APPROVE', 'REJECT', 'BYENV', 'BYDESIGN', 'LEGAL', 'COMMERCIAL', 'EXPERIMENTAL', 'INTERNAL', 'APPROVED']