Ruff: Add and fix D403 #11063

Merged
merged 1 commit into from
Nov 1, 2024
Conversation

kiblik
Contributor

@kiblik kiblik commented Oct 14, 2024

dryrunsecurity bot commented Oct 14, 2024

DryRun Security Summary

The pull request includes various updates and improvements to the application's security-related functionality, such as enhancements to the GithubVulnerabilityParser class, improvements to the unit tests for the SarifParser and SonarQubeParser classes, and updates to the TenableParser test suite, all of which demonstrate a strong focus on security and a commitment to maintaining the integrity and reliability of the application's vulnerability management capabilities.

Summary:

The code changes in this pull request cover various updates and improvements to the application's security-related functionality, including:

  1. Enhancements to the GithubVulnerabilityParser class, which is responsible for parsing vulnerability data from the GitHub API. The changes ensure the parser can handle different formats of vulnerability data and accurately extract key details, such as severity, CVSS information, and vulnerability IDs.

  2. Improvements to the unit tests for the SarifParser and SonarQubeParser classes, which validate the correct parsing of security scan reports from these tools. Maintaining robust test cases helps ensure the accuracy and reliability of the vulnerability management process.

  3. Updates to the TenableParser test suite, which covers a wide range of scenarios for parsing Nessus scan reports in different formats (XML and CSV). This helps ensure the parser can handle real-world report formats and edge cases.

Overall, these code changes demonstrate a strong focus on security and a commitment to maintaining the integrity and reliability of the application's vulnerability management capabilities. The comprehensive test suites and attention to handling various security data formats are particularly noteworthy from an application security perspective.

Files Changed:

  1. dojo/utils.py: The changes to the to_str_typed function do not introduce any obvious security concerns, as it is a utility function for handling different types of objects.

  2. ruff.toml: The changes to the Ruff linter configuration file, such as adding the D403 rule for checking missing type annotations and updating the ignore and fixable settings, can help improve the overall code quality and security.

  3. unittests/test_apiv2_notifications.py: The changes to the unit tests for the API v2 notifications functionality focus on ensuring the security of user creation, notification template creation, and notification assignment to users.

  4. unittests/tools/test_github_vulnerability_parser.py: The changes to the unit tests for the GithubVulnerabilityParser class validate the parser's ability to handle different formats of vulnerability data from the GitHub API.

  5. unittests/tools/test_sarif_parser.py: The changes to the test_suppression_report function in the test_sarif_parser.py file ensure the correct parsing of SARIF reports, which is important for integrating and validating security scanning tools.

  6. unittests/tools/test_sonarqube_parser.py: The changes to the SonarQube parser tests demonstrate a robust and comprehensive implementation, ensuring the accurate processing of SonarQube scan reports.

  7. unittests/tools/test_tenable_parser.py: The changes to the test suite for the TenableParser class validate the parser's ability to handle various Nessus scan report formats and edge cases, which is crucial for the application's vulnerability management process.

Code Analysis

We ran 9 analyzers against 7 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

@kiblik kiblik closed this Oct 14, 2024
@kiblik kiblik reopened this Oct 14, 2024
Contributor

@mtesauro mtesauro left a comment

Approved

@mtesauro mtesauro merged commit 7c75f61 into DefectDojo:dev Nov 1, 2024
81 of 86 checks passed
@kiblik kiblik deleted the ruff_D403 branch November 1, 2024 18:09