DefectDojo · mtesauro · Jul 2, 2024 · May 2, 2024
diff --git a/dojo/endpoint/utils.py b/dojo/endpoint/utils.py
@@ -93,7 +93,7 @@ def endpoint_get_or_create(**kwargs):
 def clean_hosts_run(apps, change):
     def err_log(message, html_log, endpoint_html_log, endpoint):
         error_suffix = 'It is not possible to migrate it. Delete or edit this endpoint.'
-        html_log.append({**endpoint_html_log, **{'message': message}})
+        html_log.append({**endpoint_html_log, 'message': message})
         logger.error(f'Endpoint (id={endpoint.pk}) {message}. {error_suffix}')
         broken_endpoints.add(endpoint.pk)
     html_log = []

diff --git a/dojo/engagement/views.py b/dojo/engagement/views.py
@@ -459,7 +459,6 @@ def get(self, request, eid, *args, **kwargs):
             check = Check_List.objects.get(engagement=eng)
         except:
             check = None
-            pass
         notes = eng.notes.all()
         note_type_activation = Note_Type.objects.filter(is_active=True).count()
         if note_type_activation:
@@ -531,7 +530,6 @@ def post(self, request, eid, *args, **kwargs):
             check = Check_List.objects.get(engagement=eng)
         except:
             check = None
-            pass
         notes = eng.notes.all()
         note_type_activation = Note_Type.objects.filter(is_active=True).count()
         if note_type_activation:
@@ -636,7 +634,6 @@ def add_tests(request, eid):
                 new_test.lead = User.objects.get(id=form['lead'].value())
             except:
                 new_test.lead = None
-                pass
 
             # Set status to in progress if a test is added
             if eng.status != "In Progress" and eng.active is True:
@@ -1152,7 +1149,6 @@ def complete_checklist(request, eid):
         checklist = Check_List.objects.get(engagement=eng)
     except:
         checklist = None
-        pass
 
     add_breadcrumb(
         parent=eng,
@@ -1174,7 +1170,6 @@ def complete_checklist(request, eid):
                 cl.engagement = eng
                 cl.save()
                 form.save_m2m()
-                pass
             messages.add_message(
                 request,
                 messages.SUCCESS,

diff --git a/dojo/filters.py b/dojo/filters.py
@@ -1995,14 +1995,6 @@ class Meta:
         exclude = ['description', 'mitigation', 'impact',
                    'references', 'numerical_severity']
 
-    not_tags = ModelMultipleChoiceFilter(
-        field_name='tags__name',
-        to_field_name='name',
-        exclude=True,
-        queryset=Finding.tags.tag_model.objects.all().order_by('name'),
-        # label='tags', # doesn't work with tagulous, need to set in __init__ below
-    )
-
     not_test__tags = ModelMultipleChoiceFilter(
         field_name='test__tags__name',
         to_field_name='name',
@@ -2030,8 +2022,6 @@ class Meta:
         # label='tags', # doesn't work with tagulous, need to set in __init__ below
     )
 
-    not_tag = CharFilter(field_name='tags__name', lookup_expr='icontains', label='Not tag name contains', exclude=True)
-
     def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
         self.form.fields['cwe'].choices = cwe_options(self.queryset)

diff --git a/dojo/importers/base_importer.py b/dojo/importers/base_importer.py
@@ -49,7 +49,6 @@ def get_findings(scan_type: str, test: Test) -> List[Finding]:
         TODO This should be enforced in the future, but here is not the place
         TODO once this enforced, this stub class should be removed
         """
-        pass
 
 
 class BaseImporter(ImporterOptions):

diff --git a/dojo/importers/options.py b/dojo/importers/options.py
@@ -83,7 +83,6 @@ def load_additional_options(
         An added hook for loading additional options
         to be used by children classes for the BaseImporter
         """
-        pass
 
     def log_translation(
         self,

diff --git a/dojo/jira_link/helper.py b/dojo/jira_link/helper.py
@@ -1534,7 +1534,6 @@ def process_jira_project_form(request, instance=None, target=None, product=None,
             except Exception as e:
                 error = True
                 logger.exception(e)
-                pass
         else:
             logger.debug(jform.errors)
             error = True

diff --git a/dojo/models.py b/dojo/models.py
@@ -3055,7 +3055,6 @@ def github_conf(self):
             github_conf = github_product_key.conf
         except:
             github_conf = None
-            pass
         return github_conf
 
     # newer version that can work with prefetching
@@ -3064,7 +3063,6 @@ def github_conf_new(self):
             return self.test.engagement.product.github_pkey_set.all()[0].git_conf
         except:
             return None
-            pass
 
     @property
     def has_jira_issue(self):

diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
@@ -270,7 +270,6 @@ def send_msteams_notification(event, user=None, *args, **kwargs):
     except Exception as e:
         logger.exception(e)
         log_alert(e, "Microsoft Teams Notification", title=kwargs['title'], description=str(e), url=kwargs['url'])
-        pass
 
 
 @dojo_async_task

diff --git a/dojo/okta.py b/dojo/okta.py
@@ -88,7 +88,6 @@ def validate_and_return_id_token(self, id_token, access_token):
             except JWTError:
                 if k is None and client_id == 'a-key':
                     k = self.get_jwks_keys()[0]
-                pass
 
             claims = jwt.decode(
                 id_token,

diff --git a/dojo/product/views.py b/dojo/product/views.py
@@ -226,7 +226,7 @@ def view_product(request, pid):
                                                           benchmark_type__enabled=True).order_by('benchmark_type__name')
     sla = SLA_Configuration.objects.filter(id=prod.sla_configuration_id).first()
     benchAndPercent = []
-    for i in range(0, len(benchmarks)):
+    for i in range(len(benchmarks)):
         desired_level, total, total_pass, total_wait, total_fail, _total_viewed = asvs_calc_level(benchmarks[i])
 
         success_percent = round((float(total_pass) / float(total)) * 100, 2)
@@ -939,7 +939,6 @@ def edit_product(request, pid):
         github_inst = GITHUB_PKey.objects.get(product=product)
     except:
         github_inst = None
-        pass
 
     if request.method == 'POST':
         form = ProductForm(request.POST, instance=product)

diff --git a/dojo/templatetags/display_tags.py b/dojo/templatetags/display_tags.py
@@ -484,7 +484,7 @@ def not_specified_icon(tooltip):
 
 def stars(filled, total, tooltip):
     code = '<i class="has-popover" data-placement="bottom" data-content="' + tooltip + '">'
-    for i in range(0, total):
+    for i in range(total):
         if i < filled:
             code += '<i class="fa-solid fa-star has-popover" aria-hidden="true"></span>'
         else:

diff --git a/dojo/tools/burp_enterprise/parser.py b/dojo/tools/burp_enterprise/parser.py
@@ -83,7 +83,7 @@ def pre_allocate_items(self, tree):
             if ("Issues found" in "".join(endpoint.itertext()).strip())
         ]
 
-        for index in range(0, len(severities)):
+        for index in range(len(severities)):
             url = endpoint_text[index].text[16:]
             sev_table = list(severities[index].iter("tr"))
 
@@ -235,7 +235,7 @@ def create_findings(self, items, test):
                 requests = details.get("Request").split("SPLITTER")[:-1]
                 responses = details.get("Response").split("SPLITTER")[:-1]
                 unsaved_req_resp = []
-                for index in range(0, len(requests)):
+                for index in range(len(requests)):
                     unsaved_req_resp.append(
                         {"req": requests[index], "resp": responses[index]}
                     )

diff --git a/dojo/tools/jfrog_xray_unified/parser.py b/dojo/tools/jfrog_xray_unified/parser.py
@@ -40,7 +40,7 @@ def get_item(vulnerability, test):
     highestCvssV3Index = 0
     highestCvssV3Score = 0
 
-    for thisCveIndex in range(0, len(vulnerability["cves"]) - 1):
+    for thisCveIndex in range(len(vulnerability["cves"]) - 1):
         # not all cves have cvssv3 scores, so skip these. If no v3 scores,
         # we'll default to index 0
         if "cvss_v3_score" in vulnerability["cves"][thisCveIndex]:

diff --git a/dojo/tools/qualys_webapp/parser.py b/dojo/tools/qualys_webapp/parser.py
@@ -93,7 +93,7 @@ def attach_unique_extras(
             )
         )
 
-    for i in range(0, len(requests)):
+    for i in range(len(requests)):
         if requests[i] != "" or responses[i] != "":
             finding.unsaved_req_resp.append(
                 {"req": requests[i], "resp": responses[i]}
@@ -130,7 +130,7 @@ def attach_extras(endpoints, requests, responses, finding, date, qid, test):
     for endpoint in endpoints:
         finding.unsaved_endpoints.append(Endpoint.from_uri(endpoint))
 
-    for i in range(0, len(requests)):
+    for i in range(len(requests)):
         if requests[i] != "" or responses[i] != "":
             finding.unsaved_req_resp.append(
                 {"req": requests[i], "resp": responses[i]}

diff --git a/dojo/tools/veracode/json_parser.py b/dojo/tools/veracode/json_parser.py
@@ -124,7 +124,7 @@ def create_finding_from_details(self, finding_details, scan_type, policy_violate
         # Attempt to get the CVSS score
         if uncleaned_cvss := finding_details.get("cvss"):
             if isinstance(uncleaned_cvss, str):
-                if uncleaned_cvss.startswith("CVSS:3.1/") or uncleaned_cvss.startswith("CVSS:3.0/"):
+                if uncleaned_cvss.startswith(("CVSS:3.1/", "CVSS:3.0/")):
                     finding.cvssv3 = CVSS3(str(uncleaned_cvss)).clean_vector(output_prefix=True)
                 elif not uncleaned_cvss.startswith("CVSS"):
                     finding.cvssv3 = CVSS3(f"CVSS:3.1/{str(uncleaned_cvss)}").clean_vector(output_prefix=True)

diff --git a/dojo/tools/veracode_sca/parser.py b/dojo/tools/veracode_sca/parser.py
@@ -69,7 +69,7 @@ def _get_findings_json(self, file, test):
             vulnerability = issue.get("vulnerability")
             vuln_id = vulnerability.get("cve")
             if vuln_id and not (
-                vuln_id.startswith("cve") or vuln_id.startswith("CVE")
+                vuln_id.startswith(("cve", "CVE"))
             ):
                 vuln_id = "CVE-" + vuln_id
             cvss_score = issue.get("severity")
@@ -113,7 +113,7 @@ def _get_findings_json(self, file, test):
             if vulnerability.get("cwe_id"):
                 cwe = vulnerability.get("cwe_id")
                 if cwe:
-                    if cwe.startswith("CWE-") or cwe.startswith("cwe-"):
+                    if cwe.startswith(("CWE-", "cwe-")):
                         cwe = cwe[4:]
                     if cwe.isdigit():
                         finding.cwe = int(cwe)
@@ -168,7 +168,7 @@ def get_findings_csv(self, file, test):
             version = row.get("Version in use", None)
             vuln_id = row.get("CVE", None)
             if vuln_id and not (
-                vuln_id.startswith("cve") or vuln_id.startswith("CVE")
+                vuln_id.startswith(("cve", "CVE"))
             ):
                 vuln_id = "CVE-" + vuln_id
 

diff --git a/dojo/tools/xanitizer/parser.py b/dojo/tools/xanitizer/parser.py
@@ -156,7 +156,6 @@ def add_code(self, node, showline, description):
         return description
 
     def generate_file_path(self, finding):
-        pass
 
         if finding.find("endNode") is not None and finding.find("endNode").get(
             "relativePath"

diff --git a/dojo/utils.py b/dojo/utils.py
@@ -883,7 +883,7 @@ def get_punchcard_data(objs, start_date, weeks, view='Finding'):
 
 def get_week_data(week_start_date, tick, day_counts):
     data = []
-    for i in range(0, len(day_counts)):
+    for i in range(len(day_counts)):
         data.append([tick, i, day_counts[i]])
     label = [tick, week_start_date.strftime("<span class='small'>%m/%d<br/>%Y</span>")]
     return data, label
@@ -2308,7 +2308,6 @@ def delete_chunk(self, objects, **kwargs):
                 logger.debug('ASYNC_DELETE: object has already been deleted elsewhere. Skipping')
                 # The id must be None
                 # The object has already been deleted elsewhere
-                pass
 
     @dojo_async_task
     @app.task

diff --git a/ruff.toml b/ruff.toml
@@ -50,6 +50,7 @@ select = [
    "LOG",
    "INP",
    "SLOT",
+   "PIE",
    "RSE",
    "PD",
    "PGH",

diff --git a/tests/close_old_findings_dedupe_test.py b/tests/close_old_findings_dedupe_test.py
@@ -29,7 +29,7 @@ def setUp(self):
     def check_nb_duplicates(self, expected_number_of_duplicates):
         logger.debug("checking duplicates...")
         driver = self.driver
-        for i in range(0, 18):
+        for i in range(18):
             time.sleep(5)  # wait bit for celery dedupe task which can be slow on travis
             self.goto_all_findings_list(driver)
             dupe_count = 0

diff --git a/tests/dedupe_test.py b/tests/dedupe_test.py
@@ -27,7 +27,7 @@ def setUp(self):
     def check_nb_duplicates(self, expected_number_of_duplicates):
         logger.debug("checking duplicates...")
         driver = self.driver
-        for i in range(0, 18):
+        for i in range(18):
             time.sleep(5)  # wait bit for celery dedupe task which can be slow on travis
             self.goto_all_findings_list(driver)
             dupe_count = 0
-Original file line number
+Diff line change
@@ Expand Up @@
             TODO This should be enforced in the future, but here is not the place
             TODO once this enforced, this stub class should be removed
             """
-            pass
     class BaseImporter(ImporterOptions):
@@ Expand Down @@