Parser name matches module name test #10656

Merged
merged 1 commit into from
Aug 2, 2024


cneill
Contributor

@cneill cneill commented Jul 30, 2024

Description

The How to write a parser doc mentions this about parser class names:

The class name must be the Python module name without underscores plus Parser. Example: When the name of the Python module is dependency_check, the class name shall be DependencyCheckParser

This PR adds a unit test to ensure there are no new "orphan" parsers that will be unusable within Dojo because they don't match this guidance (factory logic here).

Test results

Test passes once the fix in #10654 is applied. That PR should go first, and this one will likely need to be rebased once it's merged.
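The naming rule quoted in the description can be checked statically, as in this added example (not the test from this PR and not DefectDojo code). It assumes a `<module>/parser.py` layout and a case-insensitive name comparison; all function names and the sample tree are constructed for illustration, and it reads class names with `ast` so no parser module is imported or executed.

```python
import ast
import tempfile
from pathlib import Path


def expected_class_name(module_name: str) -> str:
    """dependency_check -> dependencycheckparser (lower-cased for comparison)."""
    return module_name.replace("_", "").lower() + "parser"


def find_orphan_parsers(tools_dir: Path) -> dict[str, list[str]]:
    """Map each module whose parser.py lacks a matching class to the classes found.

    The source is parsed with ast, so no module code is executed.
    """
    orphans = {}
    for module_dir in sorted(p for p in tools_dir.iterdir() if p.is_dir()):
        parser_file = module_dir / "parser.py"
        if not parser_file.is_file():
            continue  # not a parser package (assumed layout: <module>/parser.py)
        tree = ast.parse(parser_file.read_text(encoding="utf-8"))
        classes = [n.name for n in tree.body if isinstance(n, ast.ClassDef)]
        if expected_class_name(module_dir.name) not in (c.lower() for c in classes):
            orphans[module_dir.name] = classes
    return orphans


def build_sample_tree(root: Path) -> Path:
    """Constructed sample layout: two conforming parsers and one orphan."""
    samples = {
        "dependency_check": "class DependencyCheckParser:\n    pass\n",
        "acunetix": "class AcunetixParser:\n    pass\n",
        "api_scan": "class APIScannerParser:\n    pass\n",  # orphan: name drifted
    }
    for module, source in samples.items():
        (root / module).mkdir(parents=True)
        (root / module / "parser.py").write_text(source, encoding="utf-8")
    return root


def demo() -> dict[str, list[str]]:
    with tempfile.TemporaryDirectory() as tmp:
        return find_orphan_parsers(build_sample_tree(Path(tmp)))


if __name__ == "__main__":
    for module, classes in demo().items():
        print(f"{module}: expected {expected_class_name(module)!r}, found {classes}")
```
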


dryrunsecurity bot commented Jul 30, 2024

DryRun Security Summary

The pull request focuses on improving the consistency and reliability of the parser implementations in the Dojo application by adding a new test case to ensure that the parser class names match the corresponding module names and enhancing existing tests to cover various scenarios for the get_parser function.


Summary:

The code changes in this pull request are focused on improving the consistency and reliability of the parser implementations in the Dojo application. The key changes are made to the test_factory.py file, which contains tests for the get_parser function in the dojo.tools.factory module.

The main change is the addition of a new test case test_parser_name_matches_module that checks if the parser class names match the corresponding module names (e.g., acunetixparser for the acunetix module). This helps to maintain a clear and predictable structure in the codebase, which can improve code readability, maintainability, and reduce the risk of bugs or security vulnerabilities.

Additionally, the existing tests in the file cover various scenarios for the get_parser function, such as retrieving parsers for different scan types, handling non-existent scan types, and ensuring that the parser is not returned when the corresponding Test_Type is marked as inactive in the database. These tests help to ensure the overall robustness and security of the parser factory, which is a critical component for processing and analyzing security scan results in the Dojo application.

Files Changed:

  • unittests/test_factory.py: This file contains tests for the get_parser function in the dojo.tools.factory module. The changes include:
    1. Importing additional modules: os, importlib, importlib.util, and inspect.
    2. Adding a new test case test_parser_name_matches_module to ensure that the parser class names match the module names.
    3. Existing tests cover various scenarios for the get_parser function, such as retrieving parsers for different scan types, handling non-existent scan types, and ensuring that the parser is not returned when the corresponding Test_Type is marked as inactive in the database.

Code Analysis

We ran 9 analyzers against 1 file and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

Contributor

@mtesauro mtesauro left a comment


Approved

@cneill cneill force-pushed the parser-name-test branch from 7a9fa52 to 86672ef Compare August 2, 2024 17:35
@github-actions github-actions bot removed the parser label Aug 2, 2024

sonarqubecloud bot commented Aug 2, 2024

@mtesauro mtesauro merged commit 42dabca into DefectDojo:bugfix Aug 2, 2024
126 checks passed
5 participants