Ruff: Add and fix PTH113 #11194

Merged
merged 6 commits into from
Nov 12, 2024
Conversation

manuel-sommer (Contributor)

Add ruff PTH113

@github-actions github-actions bot added the settings_changes (Needs changes to settings.py based on changes in settings.dist.py included in this PR) and unittests labels Nov 5, 2024

dryrunsecurity bot commented Nov 5, 2024

DryRun Security Summary

Summary:

This pull request includes several changes across multiple files in the DefectDojo application, primarily focused on improving security, performance, and configurability. The key changes include:

  1. Security Improvements: The settings.dist.py file has been updated to enable various security-related settings, such as HTTPS redirection, content type sniffing prevention, secure cookies, and HTTP Strict Transport Security (HSTS).

  2. Performance Improvements: The settings.dist.py file also includes changes to configure the Celery message broker, define scheduled tasks, and limit the maximum number of search results, similar findings, and API request/response pairs.

  3. Configuration Updates: The settings.dist.py file has been updated to add new configuration options, such as encryption keys, team name, footer version, tagging behavior, JIRA issue type choices, and logging handler.

  4. API and Deduplication Configuration: The settings.dist.py file now includes settings to configure API token authentication and the deduplication algorithm and fields used for each scanner.

Overall, these changes aim to improve the security, performance, and flexibility of the DefectDojo application, which is a critical tool for managing and tracking security vulnerabilities. As an application security engineer, I would recommend thoroughly reviewing these changes to ensure they are implemented correctly and do not introduce any unintended security or performance issues.

Files Changed:

  1. dojo/settings/.settings.dist.py.sha256sum: The SHA-256 hash value for the .settings.dist.py file has been updated, indicating that the file's contents have been modified.
  2. ruff.toml: The Ruff linter configuration has been updated, including the addition of the PTH113 rule and the removal of the D211 rule.
  3. unittests/test_parsers.py: The unit tests for the DefectDojo parsers have been updated to improve file existence checks, documentation checks, and test data checks.
  4. dojo/settings/settings.dist.py: This file, which contains the default settings for the DefectDojo application, has been significantly updated to improve security, performance, and configurability.

Code Analysis

We ran 9 analyzers against 4 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

@manuel-sommer manuel-sommer force-pushed the ruff_pth113 branch 3 times, most recently from 8deaddf to 6f2888d on November 6, 2024 06:38


@mtesauro mtesauro (Contributor) left a comment

Approved

This pull request has conflicts, please resolve those before we can evaluate the pull request.

Conflicts have been resolved. A maintainer will review the pull request shortly.

@mtesauro mtesauro merged commit d489339 into DefectDojo:dev Nov 12, 2024
73 checks passed
@manuel-sommer manuel-sommer deleted the ruff_pth113 branch November 12, 2024 23:30