From 074d656622fa0eb248d3ed2f8c109220c91dfa90 Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Thu, 7 Nov 2024 10:28:09 +0100 Subject: [PATCH] datetime.datetime.utcfromtimestamp() is deprecated and scheduled for removal --- dojo/tools/checkmarx/parser.py | 2 +- dojo/tools/checkmarx_one/parser.py | 2 +- dojo/tools/contrast/parser.py | 4 +--- dojo/tools/wpscan/parser.py | 4 ++-- unittests/tools/test_wpscan_parser.py | 10 +++++----- 5 files changed, 10 insertions(+), 12 deletions(-) diff --git a/dojo/tools/checkmarx/parser.py b/dojo/tools/checkmarx/parser.py index 0d5607f5095..6e832723f95 100644 --- a/dojo/tools/checkmarx/parser.py +++ b/dojo/tools/checkmarx/parser.py @@ -368,7 +368,7 @@ def _parse_date(self, value): if isinstance(value, str): return parser.parse(value).date() if isinstance(value, dict) and isinstance(value.get("seconds"), int): - return datetime.datetime.utcfromtimestamp(value.get("seconds")).date() + return datetime.datetime.fromtimestamp(value.get("seconds"), datetime.UTC).date() return None def _get_findings_json(self, file, test): diff --git a/dojo/tools/checkmarx_one/parser.py b/dojo/tools/checkmarx_one/parser.py index f8896c0b271..7a85cd521d5 100644 --- a/dojo/tools/checkmarx_one/parser.py +++ b/dojo/tools/checkmarx_one/parser.py @@ -22,7 +22,7 @@ def _parse_date(self, value): if isinstance(value, str): return parser.parse(value) if isinstance(value, dict) and isinstance(value.get("seconds"), int): - return datetime.datetime.utcfromtimestamp(value.get("seconds")) + return datetime.datetime.fromtimestamp(value.get("seconds"), datetime.UTC) return None def _parse_cwe(self, cwe): diff --git a/dojo/tools/contrast/parser.py b/dojo/tools/contrast/parser.py index 9367bdcf6dd..e72345d33d7 100644 --- a/dojo/tools/contrast/parser.py +++ b/dojo/tools/contrast/parser.py @@ -41,9 +41,7 @@ def get_findings(self, filename, test): severity = row.get("Severity") if severity == "Note": severity = "Info" - date_raw = datetime.datetime.utcfromtimestamp( - int(row.get("First Seen")) / 1000, - ) + date_raw = datetime.datetime.fromtimestamp(int(row.get("First Seen")) / 1000, datetime.UTC) finding = Finding( title=title.split(" from")[0], date=date_raw, diff --git a/dojo/tools/wpscan/parser.py b/dojo/tools/wpscan/parser.py index 95c0a8c4c20..f03dd33986a 100644 --- a/dojo/tools/wpscan/parser.py +++ b/dojo/tools/wpscan/parser.py @@ -1,6 +1,6 @@ import hashlib import json -from datetime import datetime +import datetime from dojo.models import Endpoint, Finding @@ -89,7 +89,7 @@ def get_findings(self, file, test): report_date = None if "start_time" in tree: - report_date = datetime.utcfromtimestamp(tree.get("start_time")) + report_date = datetime.datetime.fromtimestamp(tree.get("start_time"), datetime.UTC) dupes = {} # manage plugin findings diff --git a/unittests/tools/test_wpscan_parser.py b/unittests/tools/test_wpscan_parser.py index bd71aae2946..8fd8784dbe8 100644 --- a/unittests/tools/test_wpscan_parser.py +++ b/unittests/tools/test_wpscan_parser.py @@ -26,7 +26,7 @@ def test_parse_file_exemple(self): self.assertIsNone(finding.unique_id_from_tool) # interesting findings are not vlunerability self.assertEqual("Info", finding.severity) # it is not a vulnerability so severity should be 'Info' self.assertEqual("Interesting finding: Headers", finding.title) - self.assertEqual(datetime.datetime(2021, 3, 26, 11, 50, 50), finding.date) + self.assertEqual(datetime.datetime(2021, 3, 26, 11, 50, 50, tzinfo=datetime.timezone.utc), finding.date) def test_parse_file_with_no_vuln_has_no_findings(self): with open("unittests/scans/wpscan/wordpress_no_vuln.json", encoding="utf-8") as testfile: @@ -49,7 +49,7 @@ def test_parse_file_with_one_vuln_has_one_findings(self): self.assertEqual("8873", finding.unique_id_from_tool) self.assertNotEqual("Info", finding.severity) # it is a vulnerability so not 'Info' self.assertEqual("YouTube Embed <= 11.8.1 - Cross-Site Request Forgery (CSRF)", finding.title) - self.assertEqual(datetime.datetime(2019, 7, 2, 19, 11, 16), finding.date) + self.assertEqual(datetime.datetime(2019, 7, 2, 19, 11, 16, tzinfo=datetime.timezone.utc), finding.date) def test_parse_file_with_multiple_vuln_has_multiple_finding(self): with open("unittests/scans/wpscan/wordpress_many_vuln.json", encoding="utf-8") as testfile: @@ -63,7 +63,7 @@ def test_parse_file_with_multiple_vuln_has_multiple_finding(self): self.assertEqual("8873", finding.unique_id_from_tool) self.assertNotEqual("Info", finding.severity) # it is a vulnerability so not 'Info' self.assertEqual("YouTube Embed <= 11.8.1 - Cross-Site Request Forgery (CSRF)", finding.title) - self.assertEqual(datetime.datetime(2019, 7, 2, 19, 11, 16), finding.date) + self.assertEqual(datetime.datetime(2019, 7, 2, 19, 11, 16, tzinfo=datetime.timezone.utc), finding.date) def test_parse_file_with_multiple_vuln(self): with open("unittests/scans/wpscan/wpscan.json", encoding="utf-8") as testfile: @@ -81,7 +81,7 @@ def test_parse_file_with_multiple_vuln(self): self.assertEqual("Contact Form 7 < 5.3.2 - Unrestricted File Upload", finding.title) self.assertEqual(1, len(finding.unsaved_vulnerability_ids)) self.assertEqual("CVE-2020-35489", finding.unsaved_vulnerability_ids[0]) - self.assertEqual(datetime.datetime(2021, 3, 17, 12, 21, 6), finding.date) + self.assertEqual(datetime.datetime(2021, 3, 17, 12, 21, 6, tzinfo=datetime.timezone.utc), finding.date) self.assertEqual("", finding.get_scanner_confidence_text()) # data are => 100% with self.subTest(i=4): @@ -89,7 +89,7 @@ def test_parse_file_with_multiple_vuln(self): self.assertIsNone(finding.unique_id_from_tool) # interesting findings are not vlunerability self.assertEqual("Info", finding.severity) # it is not a vulnerability so severity should be 'Info' self.assertEqual("Interesting finding: WordPress readme found: http://example/readme.html", finding.title) - self.assertEqual(datetime.datetime(2021, 3, 17, 12, 21, 6), finding.date) + self.assertEqual(datetime.datetime(2021, 3, 17, 12, 21, 6, tzinfo=datetime.timezone.utc), finding.date) self.assertEqual("", finding.get_scanner_confidence_text()) # data are => "confidence": 100, def test_parse_file_with_multiple_vuln_in_version(self):