DefectDojo · mtesauro · Feb 6, 2024 · Jan 25, 2024
@@ -33,4 +33,4 @@ jobs:
         run: pip install -r requirements-lint.txt
 
       - name: Run Ruff Linter
-        run: ruff dojo
+        run: ruff .
@@ -17,7 +17,7 @@ def setUp(self):
         if os.path.isdir(self.repo_path):
             shutil.rmtree(self.repo_path)
         os.mkdir(self.repo_path)
-        scan_types = git.Repo.clone_from('https://github.com/DefectDojo/sample-scan-files', self.repo_path)
+        git.Repo.clone_from('https://github.com/DefectDojo/sample-scan-files', self.repo_path)
         self.remove_items = ['__init__.py', '__init__.pyc', 'factory.py', 'factory.pyc',
                         'factory.py', 'LICENSE', 'README.md', '.gitignore', '.git', '__pycache__']
         tool_path = dir_path[:-5] + 'dojo/tools'

@@ -26,12 +26,11 @@ class CloseOldDedupeTest(BaseTestCase):
     # --------------------------------------------------------------------------------------------------------
     def setUp(self):
         super().setUp()
-        self.relative_path = dir_path = os.path.dirname(os.path.realpath(__file__))
+        self.relative_path = os.path.dirname(os.path.realpath(__file__))
 
     def check_nb_duplicates(self, expected_number_of_duplicates):
         logger.debug("checking duplicates...")
         driver = self.driver
-        retries = 0
         for i in range(0, 18):
             time.sleep(5)  # wait bit for celery dedupe task which can be slow on travis
             self.goto_all_findings_list(driver)

@@ -24,7 +24,7 @@ class CloseOldTest(BaseTestCase):
     # --------------------------------------------------------------------------------------------------------
     def setUp(self):
         super().setUp()
-        self.relative_path = dir_path = os.path.dirname(os.path.realpath(__file__))
+        self.relative_path = os.path.dirname(os.path.realpath(__file__))
 
     @on_exception_html_source_logger
     def test_delete_findings(self):

@@ -24,12 +24,11 @@ class DedupeTest(BaseTestCase):
     # --------------------------------------------------------------------------------------------------------
     def setUp(self):
         super().setUp()
-        self.relative_path = dir_path = os.path.dirname(os.path.realpath(__file__))
+        self.relative_path = os.path.dirname(os.path.realpath(__file__))
 
     def check_nb_duplicates(self, expected_number_of_duplicates):
         logger.debug("checking duplicates...")
         driver = self.driver
-        retries = 0
         for i in range(0, 18):
             time.sleep(5)  # wait bit for celery dedupe task which can be slow on travis
             self.goto_all_findings_list(driver)

@@ -96,7 +96,6 @@ def bulk_edit(self, finding_url, status_id):
         driver.find_element(By.CSS_SELECTOR, "input[type='submit']").click()
 
     def test_retroactive_edit_finding(self):
-        driver = self.driver
         # Create two equal findings on different engagements
         finding_1 = self.create_finding(
             product_name='QA Test',
@@ -125,7 +124,6 @@ def test_retroactive_edit_finding(self):
         self.assert_is_active(finding_2)
 
     def test_retroactive_bulk_edit_finding(self):
-        driver = self.driver
         # Create two equal findings on different engagements
         finding_1 = self.create_finding(
             product_name='QA Test',

@@ -312,7 +312,7 @@ def test_simple_accept_finding(self):
         # Select and click on the particular finding to edit
         driver.find_element(By.LINK_TEXT, "App Vulnerable to XSS").click()
         # Get the status of the current endpoint
-        pre_status = driver.find_element(By.XPATH, '//*[@id="vuln_endpoints"]/tbody/tr/td[3]').text
+        driver.find_element(By.XPATH, '//*[@id="vuln_endpoints"]/tbody/tr/td[3]').text
         # Click on the 'dropdownMenu1 button'
         driver.find_element(By.ID, "dropdownMenu1").click()
         # Click on `Close Finding`
@@ -336,7 +336,7 @@ def test_unaccept_finding(self):
         # Select and click on the particular finding to edit
         driver.find_element(By.LINK_TEXT, "App Vulnerable to XSS").click()
         # Get the status of the current endpoint
-        pre_status = driver.find_element(By.XPATH, '//*[@id="remd_endpoints"]/tbody/tr/td[3]').text
+        driver.find_element(By.XPATH, '//*[@id="remd_endpoints"]/tbody/tr/td[3]').text
         # Click on the 'dropdownMenu1 button'
         driver.find_element(By.ID, "dropdownMenu1").click()
         # Click on `Close Finding`

@@ -31,7 +31,7 @@ def enter_values(self, driver):
                 for field in inputs:
                     field.send_keys('cover words')
             if 'wysiwyg-content' in class_names:
-                content = widget.find_element(By.CLASS_NAME, "editor").send_keys('wysiwyg')
+                widget.find_element(By.CLASS_NAME, "editor").send_keys('wysiwyg')
 
     def generate_HTML_report(self):
         driver = self.driver

@@ -6,9 +6,6 @@
 
 class SearchTests(BaseTestCase):
 
-    def test_login(self):
-        driver = self.driver
-
     def test_search(self):
         # very basic search test to see if it doesn't 500
         driver = self.goto_some_page()

@@ -19,7 +19,7 @@ class Main:
 
         try:
             s.connect((address, port))
-        except socket.error as e:
+        except socket.error:
             print("Error connecting to ZAP, exiting.")
             sys.exit(0)
 

@@ -46,7 +46,7 @@ def test_has_object_permission_has_permission(self, mock_current_user, mock_has_
     def test_has_object_permission_wrong_permission(self):
 
         with self.assertRaises(KeyError):
-            result = has_object_permission(self.product_type, 'Test')
+            has_object_permission(self.product_type, 'Test')
 
     @patch('dojo.templatetags.authorization_tags.configuration_permission')
     @patch('crum.get_current_user')

@@ -161,7 +161,7 @@ def test_apply_template_to_finding_with_data_saves_success(self):
         test_mitigation = 'template mitigation'
         test_impact = 'template impact'
 
-        result = self.make_request(True, 1, 1,
+        self.make_request(True, 1, 1,
                                    {'title': test_title,
                                     'cwe': test_cwe,
                                     'severity': test_severity,
@@ -191,11 +191,11 @@ def test_unauthorized_apply_template_to_finding_fails(self):
 
     def test_apply_template_to_finding_with_illegal_finding_fails(self):
         with self.assertRaises(Exception):
-            result = self.make_request(True, None, 1)
+            self.make_request(True, None, 1)
 
     def test_apply_template_to_finding_with_illegal_template_fails(self):
         with self.assertRaises(Exception):
-            result = self.make_request(True, 1, None)
+            self.make_request(True, 1, None)
 
     def test_apply_template_to_finding_with_no_data_returns_view_success(self):
         result = self.make_request(True, 1, 1, None)

@@ -214,7 +214,7 @@ def test_identical_except_filepath_legacy(self):
         finding_new, finding_24 = self.copy_and_reset_finding(id=24)
         finding_new.file_path = '/dev/null'
 
-        finding_22 = Finding.objects.get(id=22)
+        Finding.objects.get(id=22)
 
         finding_new.save(dedupe_option=True)
 

@@ -27,7 +27,7 @@ def test_endpoint_meta_import_endpoint_create_tag_create_meta_create(self):
         meta_count_before = self.db_dojo_meta_count()
 
         with assertImportModelsCreated(self, tests=0, engagements=0, products=0, endpoints=3):
-            import0 = self.endpoint_meta_import_scan_with_params(
+            self.endpoint_meta_import_scan_with_params(
                 self.meta_import_full, create_endpoints=True, create_tags=True, create_dojo_meta=True)
 
         self.assertEqual(endpoint_count_before + 3, self.db_endpoint_count())
@@ -36,20 +36,20 @@ def test_endpoint_meta_import_endpoint_create_tag_create_meta_create(self):
 
     def test_endpoint_meta_import_endpoint_missing_hostname(self):
         with assertImportModelsCreated(self, tests=0, engagements=0, products=0, endpoints=0):
-            import0 = self.endpoint_meta_import_scan_with_params(
+            self.endpoint_meta_import_scan_with_params(
                 self.meta_import_no_hostname, create_endpoints=True, create_tags=True, create_dojo_meta=True, expected_http_status_code=400)
 
     def test_endpoint_meta_import_tag_remove_column(self):
         # Import full scan first
         with assertImportModelsCreated(self, tests=0, engagements=0, products=0, endpoints=3):
-            import0 = self.endpoint_meta_import_scan_with_params(
+            self.endpoint_meta_import_scan_with_params(
                 self.meta_import_full, create_endpoints=True, create_tags=True, create_dojo_meta=False)
         # Record numbers
         endpoint_count_before = self.db_endpoint_count()
         endpoint_tag_count_before = self.db_endpoint_tag_count()
         # Import again with one column missing
         with assertImportModelsCreated(self, tests=0, engagements=0, products=0, endpoints=0):
-            import0 = self.endpoint_meta_import_scan_with_params(
+            self.endpoint_meta_import_scan_with_params(
                 self.meta_import_updated_removed, create_endpoints=True, create_tags=True, create_dojo_meta=False)
         # See that nothing has been removed
         self.assertEqual(endpoint_count_before, self.db_endpoint_count())
@@ -58,14 +58,14 @@ def test_endpoint_meta_import_tag_remove_column(self):
     def test_endpoint_meta_import_tag_added_column(self):
         # Import full scan first
         with assertImportModelsCreated(self, tests=0, engagements=0, products=0, endpoints=3):
-            import0 = self.endpoint_meta_import_scan_with_params(
+            self.endpoint_meta_import_scan_with_params(
                 self.meta_import_full, create_endpoints=True, create_tags=True, create_dojo_meta=False)
         # Record numbers
         endpoint_count_before = self.db_endpoint_count()
         endpoint_tag_count_before = self.db_endpoint_tag_count()
         # Import again with one column added
         with assertImportModelsCreated(self, tests=0, engagements=0, products=0, endpoints=0):
-            import0 = self.endpoint_meta_import_scan_with_params(
+            self.endpoint_meta_import_scan_with_params(
                 self.meta_import_updated_added, create_endpoints=True, create_tags=True, create_dojo_meta=False)
         # See that nothing has been removed
         self.assertEqual(endpoint_count_before, self.db_endpoint_count())
@@ -75,7 +75,7 @@ def test_endpoint_meta_import_tag_added_column(self):
     def test_endpoint_meta_import_tag_changed_column(self):
         # Import full scan first
         with assertImportModelsCreated(self, tests=0, engagements=0, products=0, endpoints=3):
-            import0 = self.endpoint_meta_import_scan_with_params(
+            self.endpoint_meta_import_scan_with_params(
                 self.meta_import_full, create_endpoints=True, create_tags=True, create_dojo_meta=False)
         # Record numbers
         endpoint_count_before = self.db_endpoint_count()
@@ -85,7 +85,7 @@ def test_endpoint_meta_import_tag_changed_column(self):
         human_resource_tag = endpoint['tags'][endpoint['tags'].index('team:human resources')]
         # Import again with one column missing
         with assertImportModelsCreated(self, tests=0, engagements=0, products=0, endpoints=0):
-            import0 = self.endpoint_meta_import_scan_with_params(
+            self.endpoint_meta_import_scan_with_params(
                 self.meta_import_updated_changed, create_endpoints=True, create_tags=True, create_dojo_meta=False)
         # See that nothing has been added or removed
         self.assertEqual(endpoint_count_before, self.db_endpoint_count())
@@ -99,14 +99,14 @@ def test_endpoint_meta_import_tag_changed_column(self):
     def test_endpoint_meta_import_meta_remove_column(self):
         # Import full scan first
         with assertImportModelsCreated(self, tests=0, engagements=0, products=0, endpoints=3):
-            import0 = self.endpoint_meta_import_scan_with_params(
+            self.endpoint_meta_import_scan_with_params(
                 self.meta_import_full, create_endpoints=True, create_tags=False, create_dojo_meta=True)
         # Record numbers
         endpoint_count_before = self.db_endpoint_count()
         meta_count_before = self.db_dojo_meta_count()
         # Import again with one column missing
         with assertImportModelsCreated(self, tests=0, engagements=0, products=0, endpoints=0):
-            import0 = self.endpoint_meta_import_scan_with_params(
+            self.endpoint_meta_import_scan_with_params(
                 self.meta_import_updated_removed, create_endpoints=True, create_tags=False, create_dojo_meta=True)
         # See that nothing has been removed
         self.assertEqual(endpoint_count_before, self.db_endpoint_count())
@@ -115,14 +115,14 @@ def test_endpoint_meta_import_meta_remove_column(self):
     def test_endpoint_meta_import_meta_added_column(self):
         # Import full scan first
         with assertImportModelsCreated(self, tests=0, engagements=0, products=0, endpoints=3):
-            import0 = self.endpoint_meta_import_scan_with_params(
+            self.endpoint_meta_import_scan_with_params(
                 self.meta_import_full, create_endpoints=True, create_tags=False, create_dojo_meta=True)
         # Record numbers
         endpoint_count_before = self.db_endpoint_count()
         meta_count_before = self.db_dojo_meta_count()
         # Import again with one column added
         with assertImportModelsCreated(self, tests=0, engagements=0, products=0, endpoints=0):
-            import0 = self.endpoint_meta_import_scan_with_params(
+            self.endpoint_meta_import_scan_with_params(
                 self.meta_import_updated_added, create_endpoints=True, create_tags=False, create_dojo_meta=True)
         # 1 meta x 3 endpoints = 3 tags
         self.assertEqual(endpoint_count_before, self.db_endpoint_count())
@@ -131,7 +131,7 @@ def test_endpoint_meta_import_meta_added_column(self):
     def test_endpoint_meta_import_meta_changed_column(self):
         # Import full scan first
         with assertImportModelsCreated(self, tests=0, engagements=0, products=0, endpoints=3):
-            import0 = self.endpoint_meta_import_scan_with_params(
+            self.endpoint_meta_import_scan_with_params(
                 self.meta_import_full, create_endpoints=True, create_tags=False, create_dojo_meta=True)
         # Record numbers
         endpoint_count_before = self.db_endpoint_count()
@@ -141,7 +141,7 @@ def test_endpoint_meta_import_meta_changed_column(self):
         meta_value = self.get_endpoints_meta_api(endpoint_id, 'team')['results'][0]['value']
         # Import again with one column missing
         with assertImportModelsCreated(self, tests=0, engagements=0, products=0, endpoints=0):
-            import0 = self.endpoint_meta_import_scan_with_params(
+            self.endpoint_meta_import_scan_with_params(
                 self.meta_import_updated_changed, create_endpoints=True, create_tags=False, create_dojo_meta=True)
         # See that nothing has been added or removed
         self.assertEqual(endpoint_count_before, self.db_endpoint_count())

@@ -9,25 +9,25 @@ def test_get_parser(self):
             scan_type = "Acunetix Scan"
             testfile = open(get_unit_tests_path() + "/scans/acunetix/one_finding.xml")
             parser = get_parser(scan_type)
-            findings = parser.get_findings(testfile, Test())
+            parser.get_findings(testfile, Test())
             testfile.close()
         with self.subTest(scan_type="Anchore Engine Scan"):
             scan_type = "Anchore Engine Scan"
             testfile = open(get_unit_tests_path() + "/scans/anchore_engine/one_vuln.json")
             parser = get_parser(scan_type)
-            findings = parser.get_findings(testfile, Test())
+            parser.get_findings(testfile, Test())
             testfile.close()
         with self.subTest(scan_type="Tenable Scan"):
             scan_type = "Tenable Scan"
             testfile = open(get_unit_tests_path() + "/scans/tenable/nessus/nessus_v_unknown.xml")
             parser = get_parser(scan_type)
-            findings = parser.get_findings(testfile, Test())
+            parser.get_findings(testfile, Test())
             testfile.close()
         with self.subTest(scan_type="ZAP Scan"):
             scan_type = "ZAP Scan"
             testfile = open(get_unit_tests_path() + "/scans/zap/some_2.9.0.xml")
             parser = get_parser(scan_type)
-            findings = parser.get_findings(testfile, Test())
+            parser.get_findings(testfile, Test())
             testfile.close()
 
     def test_get_parser_error(self):