Ruff: add and fix TID #10113

Open: wants to merge 1 commit into base: dev

kiblik (Contributor) commented May 3, 2024

dryrunsecurity bot commented May 3, 2024

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

| DryRun Security | Status | Findings |
|---|---|---|
| Configured Codepaths Analyzer | | 0 findings |
| Sensitive Files Analyzer | | 0 findings |
| AppSec Analyzer | | 0 findings |
| Authn/Authz Analyzer | | 0 findings |
| Secrets Analyzer | | 0 findings |

Note: 🟢 Risk threshold not exceeded.

Change Summary

The following is a summary of changes in this pull request made by me, your security buddy 🤖. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective.

Summary:

The code changes in this pull request primarily involve updates to the unit tests for various security scanners and parsers used in the Dojo application security platform. The changes focus on improving the maintainability and reliability of the test suite by updating the import paths for the DojoTestCase class and adding new test cases to cover different scenarios.

From an application security perspective, these changes do not introduce any direct security vulnerabilities. Instead, they demonstrate a commitment to thorough testing and validation of the security-critical components of the Dojo application, which is a positive sign for the overall security of the platform.

The new test cases cover a wide range of scenarios, including parsing the output of tools like Anchore Engine, Anchore Enterprise, Grype, Acunetix, Cobalt.io, Vulners, AWS Prowler, AWS Security Hub, Bandit, Azure Security Center, Blackduck, and Brakeman. This comprehensive test coverage helps ensure the accuracy and reliability of the data imported into the Dojo application, which is crucial for effective vulnerability management and application security assessment.

Files Changed:

  • ruff.toml: The changes update the ruff.toml configuration file to include the "TID" rule, which likely checks for something related to task IDs. This change does not directly impact the security of the application, but it demonstrates a commitment to maintaining code quality and style.
  • unittests/authorization/test_authorization_tags.py: The changes update the import statement for the DojoTestCase class, which is used as the base class for the TestAuthorizationTags test case. This ensures the correct path is used for the import.
  • unittests/authorization/test_authorization.py: The changes update the import statement for the DojoTestCase class, which is used as the base class for the TestAuthorization test case. This ensures the correct path is used for the import.
  • unittests/authorization/test_authorization_decorators.py: The changes update the import statement for the DojoTestCase class, which is used as the base class for the TestAuthorizationDecorators and TestConfigurationAuthorizationDecorators test cases. This ensures the correct path is used for the import.
  • unittests/tools/test_anchore_engine_parser.py: The changes update the import statement for the DojoTestCase class, which is used as the base class for the TestAnchoreEngineParser test case. This ensures the correct path is used for the import.
  • unittests/tools/test_anchore_enterprise_parser.py: The changes update the import statement for the DojoTestCase class, which is used as the base class for the TestAnchoreEnterpriseParser test case. This ensures the correct path is used for the import.
  • unittests/tools/test_anchore_grype_parser.py: The changes update the import statement for the DojoTestCase class, which is used as the base class for the TestAnchoreGrypeParser test case. This ensures the correct path is used for the import.
  • unittests/tools/test_acunetix_parser.py: The changes update the import statement for the DojoTestCase class, which is used as the base class for the TestAcunetixParser test case. This ensures the correct path is used for the import.
  • unittests/tools/test_api_blackduck_parser.py: The changes update the import statement for the DojoTestCase class, which is used as the base class for the TestApiBlackduckParser test case. This ensures the correct path is used for the import.
  • unittests/tools/test_api_cobalt_importer.py: The changes update the import statement for the DojoTestCase class, which is used as the base class for the TestCobaltApiImporter test case. This ensures the correct path is used for the import.
  • unittests/tools/test_anchorectl_policies_parser.py: The changes update the import statement for the DojoTestCase class, which is used as the base class for the TestAnchoreCTLPoliciesParser test case. This ensures the correct path is used for the import.
  • unittests/tools/test_anchorectl_vulns_parser.py

Powered by DryRun Security
