diff --git a/dojo/management/commands/import_surveys.py b/dojo/management/commands/import_surveys.py index 0f242cbd2ea..6fcdd53bde7 100644 --- a/dojo/management/commands/import_surveys.py +++ b/dojo/management/commands/import_surveys.py @@ -1,4 +1,5 @@ import os +from pathlib import Path from django.core.management.base import BaseCommand from django.db import connection @@ -27,7 +28,7 @@ def handle(self, *args, **options): row = cursor.fetchone() ctype_id = row[0] # Find the current id in the surveys file - path = os.path.dirname(os.path.abspath(__file__)) + path = Path(os.path.abspath(__file__)).parent path = path[:-19] + "fixtures/initial_surveys.json" contents = open(path, encoding="utf-8").readlines() for line in contents: diff --git a/dojo/settings/.settings.dist.py.sha256sum b/dojo/settings/.settings.dist.py.sha256sum index 8a1dcf4b5e3..ea87ea294ef 100644 --- a/dojo/settings/.settings.dist.py.sha256sum +++ b/dojo/settings/.settings.dist.py.sha256sum @@ -1 +1 @@ -25cf15456493c8592141326ab8a955207db2d2b33619b8f5d7b7e8767b8ba3aa +989918ec4f7b8fdb5f44d5c3568c948072265f269de96346002baaeebc67301b diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py index ec1e520c89f..1d586a04e74 100644 --- a/dojo/settings/settings.dist.py +++ b/dojo/settings/settings.dist.py @@ -448,7 +448,7 @@ def generate_url(scheme, double_slashes, user, password, host, port, path, param # Put strings here, like "/home/html/static" or "C:/www/django/static". # Always use forward slashes, even on Windows. # Don't forget to use absolute paths, not relative paths. - os.path.join(os.path.dirname(DOJO_ROOT), "components", "node_modules"), + os.path.join(Path(DOJO_ROOT).parent, "components", "node_modules"), ) # List of finder classes that know how to find static files in @@ -941,7 +941,7 @@ def saml2_attrib_map_format(dict): SAML_ATTRIBUTE_MAPPING = saml2_attrib_map_format(env("DD_SAML2_ATTRIBUTES_MAP")) SAML_FORCE_AUTH = env("DD_SAML2_FORCE_AUTH") SAML_ALLOW_UNKNOWN_ATTRIBUTES = env("DD_SAML2_ALLOW_UNKNOWN_ATTRIBUTE") - BASEDIR = path.dirname(path.abspath(__file__)) + BASEDIR = Path(path.abspath(__file__)).parent if len(env("DD_SAML2_ENTITY_ID")) == 0: SAML2_ENTITY_ID = f"{SITE_URL}/saml2/metadata/" else: diff --git a/ruff.toml b/ruff.toml index 9203826cda8..c78256a9d2e 100644 --- a/ruff.toml +++ b/ruff.toml @@ -65,7 +65,7 @@ select = [ "TCH", "INT", "ARG003", "ARG004", "ARG005", - "PTH2", "PTH101", "PTH102", "PTH103", "PTH104", "PTH105", "PTH106", "PTH107", "PTH108", "PTH109", "PTH110", "PTH111", "PTH112", "PTH113", "PTH114", "PTH115", "PTH116", "PTH117", "PTH119", "PTH121", "PTH124", + "PTH2", "PTH101", "PTH102", "PTH103", "PTH104", "PTH105", "PTH106", "PTH107", "PTH108", "PTH109", "PTH110", "PTH111", "PTH112", "PTH113", "PTH114", "PTH115", "PTH116", "PTH117", "PTH119", "PTH120", "PTH121", "PTH124", "TD001", "TD004", "TD005", "PD", "PGH", diff --git a/tests/Import_scanner_test.py b/tests/Import_scanner_test.py index f4305da2499..737b48bdcf0 100644 --- a/tests/Import_scanner_test.py +++ b/tests/Import_scanner_test.py @@ -13,7 +13,7 @@ from selenium.webdriver.common.by import By from selenium.webdriver.support.ui import Select -dir_path = os.path.dirname(os.path.realpath(__file__)) +dir_path = Path(os.path.realpath(__file__)).parent logger = logging.getLogger(__name__) diff --git a/tests/close_old_findings_dedupe_test.py b/tests/close_old_findings_dedupe_test.py index 718b2bdad06..007bd3279ec 100644 --- a/tests/close_old_findings_dedupe_test.py +++ b/tests/close_old_findings_dedupe_test.py @@ -3,6 +3,7 @@ import sys import time import unittest +from pathlib import Path from base_test_class import BaseTestCase, on_exception_html_source_logger, set_suite_settings from product_test import ProductTest @@ -13,7 +14,7 @@ logger = logging.getLogger(__name__) -dir_path = os.path.dirname(os.path.realpath(__file__)) +dir_path = Path(os.path.realpath(__file__)).parent class CloseOldDedupeTest(BaseTestCase): @@ -24,7 +25,7 @@ class CloseOldDedupeTest(BaseTestCase): # -------------------------------------------------------------------------------------------------------- def setUp(self): super().setUp() - self.relative_path = os.path.dirname(os.path.realpath(__file__)) + self.relative_path = Path(os.path.realpath(__file__)).parent def check_nb_duplicates(self, expected_number_of_duplicates): logger.debug("checking duplicates...") diff --git a/tests/close_old_findings_test.py b/tests/close_old_findings_test.py index 7cf7339cf9d..8e7c355c95d 100644 --- a/tests/close_old_findings_test.py +++ b/tests/close_old_findings_test.py @@ -2,6 +2,7 @@ import os import sys import unittest +from pathlib import Path from base_test_class import BaseTestCase, on_exception_html_source_logger, set_suite_settings from product_test import ProductTest @@ -12,7 +13,7 @@ logger = logging.getLogger(__name__) -dir_path = os.path.dirname(os.path.realpath(__file__)) +dir_path = Path(os.path.realpath(__file__)).parent class CloseOldTest(BaseTestCase): @@ -22,7 +23,7 @@ class CloseOldTest(BaseTestCase): # -------------------------------------------------------------------------------------------------------- def setUp(self): super().setUp() - self.relative_path = os.path.dirname(os.path.realpath(__file__)) + self.relative_path = Path(os.path.realpath(__file__)).parent @on_exception_html_source_logger def test_delete_findings(self): diff --git a/tests/dedupe_test.py b/tests/dedupe_test.py index 8b573a1eb13..2edc8c0328b 100644 --- a/tests/dedupe_test.py +++ b/tests/dedupe_test.py @@ -3,6 +3,7 @@ import sys import time import unittest +from pathlib import Path from base_test_class import BaseTestCase, on_exception_html_source_logger, set_suite_settings from product_test import ProductTest @@ -13,7 +14,7 @@ logger = logging.getLogger(__name__) -dir_path = os.path.dirname(os.path.realpath(__file__)) +dir_path = Path(os.path.realpath(__file__)).parent class DedupeTest(BaseTestCase): @@ -22,7 +23,7 @@ class DedupeTest(BaseTestCase): # -------------------------------------------------------------------------------------------------------- def setUp(self): super().setUp() - self.relative_path = os.path.dirname(os.path.realpath(__file__)) + self.relative_path = str(Path(os.path.realpath(__file__)).parent) def check_nb_duplicates(self, expected_number_of_duplicates): logger.debug("checking duplicates...") @@ -140,7 +141,7 @@ def test_import_path_tests(self): driver.find_element(By.PARTIAL_LINK_TEXT, "Path Test 1").click() driver.find_element(By.ID, "dropdownMenu1").click() driver.find_element(By.LINK_TEXT, "Re-Upload Scan").click() - driver.find_element(By.ID, "id_file").send_keys(self.relative_path + "/dedupe_scans/dedupe_path_1.json") + driver.find_element(By.ID, "id_file").send_keys(os.path.realpath(self.relative_path + "/dedupe_scans/dedupe_path_1.json")) driver.find_elements(By.CSS_SELECTOR, "button.btn.btn-primary")[1].click() # 'Bandit Scan processed a total of 1 findings created 1 findings did not touch 1 findings.' @@ -154,7 +155,7 @@ def test_import_path_tests(self): driver.find_element(By.PARTIAL_LINK_TEXT, "Path Test 2").click() driver.find_element(By.ID, "dropdownMenu1").click() driver.find_element(By.LINK_TEXT, "Re-Upload Scan").click() - driver.find_element(By.ID, "id_file").send_keys(self.relative_path + "/dedupe_scans/dedupe_path_2.json") + driver.find_element(By.ID, "id_file").send_keys(os.path.realpath(self.relative_path + "/dedupe_scans/dedupe_path_2.json")) driver.find_elements(By.CSS_SELECTOR, "button.btn.btn-primary")[1].click() # 'Bandit Scan processed a total of 2 findings created 2 findings did not touch 1 findings.' @@ -212,7 +213,7 @@ def test_import_endpoint_tests(self): driver.find_element(By.PARTIAL_LINK_TEXT, "Endpoint Test 1").click() driver.find_element(By.ID, "dropdownMenu1").click() driver.find_element(By.LINK_TEXT, "Re-Upload Scan").click() - driver.find_element(By.ID, "id_file").send_keys(self.relative_path + "/dedupe_scans/dedupe_endpoint_1.xml") + driver.find_element(By.ID, "id_file").send_keys(os.path.realpath(self.relative_path + "/dedupe_scans/dedupe_endpoint_1.xml")) driver.find_elements(By.CSS_SELECTOR, "button.btn.btn-primary")[1].click() self.assertTrue(self.is_success_message_present(text="a total of 3 findings")) @@ -223,7 +224,7 @@ def test_import_endpoint_tests(self): driver.find_element(By.PARTIAL_LINK_TEXT, "Endpoint Test 2").click() driver.find_element(By.ID, "dropdownMenu1").click() driver.find_element(By.LINK_TEXT, "Re-Upload Scan").click() - driver.find_element(By.ID, "id_file").send_keys(self.relative_path + "/dedupe_scans/dedupe_endpoint_2.xml") + driver.find_element(By.ID, "id_file").send_keys(os.path.realpath(self.relative_path + "/dedupe_scans/dedupe_endpoint_2.xml")) driver.find_elements(By.CSS_SELECTOR, "button.btn.btn-primary")[1].click() self.assertTrue(self.is_success_message_present(text="a total of 3 findings")) @@ -276,7 +277,7 @@ def test_import_same_eng_tests(self): driver.find_element(By.PARTIAL_LINK_TEXT, "Same Eng Test 1").click() driver.find_element(By.ID, "dropdownMenu1").click() driver.find_element(By.LINK_TEXT, "Re-Upload Scan").click() - driver.find_element(By.ID, "id_file").send_keys(self.relative_path + "/dedupe_scans/dedupe_endpoint_1.xml") + driver.find_element(By.ID, "id_file").send_keys(os.path.realpath(self.relative_path + "/dedupe_scans/dedupe_endpoint_1.xml")) driver.find_elements(By.CSS_SELECTOR, "button.btn.btn-primary")[1].click() self.assertTrue(self.is_success_message_present(text="a total of 3 findings")) @@ -287,7 +288,7 @@ def test_import_same_eng_tests(self): driver.find_element(By.PARTIAL_LINK_TEXT, "Same Eng Test 2").click() driver.find_element(By.ID, "dropdownMenu1").click() driver.find_element(By.LINK_TEXT, "Re-Upload Scan").click() - driver.find_element(By.ID, "id_file").send_keys(self.relative_path + "/dedupe_scans/dedupe_cross_1.csv") + driver.find_element(By.ID, "id_file").send_keys(os.path.realpath(self.relative_path + "/dedupe_scans/dedupe_cross_1.csv")) driver.find_elements(By.CSS_SELECTOR, "button.btn.btn-primary")[1].click() self.assertTrue(self.is_success_message_present(text="a total of 3 findings")) @@ -419,7 +420,7 @@ def test_import_cross_test(self): driver.find_element(By.PARTIAL_LINK_TEXT, "Immuniweb Test").click() driver.find_element(By.CSS_SELECTOR, "i.fa-solid.fa-ellipsis-vertical").click() driver.find_element(By.LINK_TEXT, "Re-Upload Scan Results").click() - driver.find_element(By.ID, "id_file").send_keys(self.relative_path + "/dedupe_scans/dedupe_endpoint_1.xml") + driver.find_element(By.ID, "id_file").send_keys(os.path.realpath(self.relative_path + "/dedupe_scans/dedupe_endpoint_1.xml")) driver.find_elements(By.CSS_SELECTOR, "button.btn.btn-primary")[1].click() self.assertTrue(self.is_success_message_present(text="a total of 3 findings")) @@ -430,7 +431,7 @@ def test_import_cross_test(self): driver.find_element(By.PARTIAL_LINK_TEXT, "Generic Test").click() driver.find_element(By.CSS_SELECTOR, "i.fa-solid.fa-ellipsis-vertical").click() driver.find_element(By.LINK_TEXT, "Re-Upload Scan Results").click() - driver.find_element(By.ID, "id_file").send_keys(self.relative_path + "/dedupe_scans/dedupe_cross_1.csv") + driver.find_element(By.ID, "id_file").send_keys(os.path.realpath(self.relative_path + "/dedupe_scans/dedupe_cross_1.csv")) driver.find_elements(By.CSS_SELECTOR, "button.btn.btn-primary")[1].click() self.assertTrue(self.is_success_message_present(text="a total of 3 findings")) diff --git a/tests/file_test.py b/tests/file_test.py index 783380fd367..686f133e4d0 100644 --- a/tests/file_test.py +++ b/tests/file_test.py @@ -2,12 +2,13 @@ import sys import time import unittest +from pathlib import Path from base_test_class import BaseTestCase from product_test import ProductTest, WaitForPageLoad from selenium.webdriver.common.by import By -dir_path = os.path.dirname(os.path.realpath(__file__)) +dir_path = Path(os.path.realpath(__file__)).parent class FileUploadTest(BaseTestCase): diff --git a/tests/finding_test.py b/tests/finding_test.py index 638e0ecc02c..4e08744c5e9 100644 --- a/tests/finding_test.py +++ b/tests/finding_test.py @@ -14,7 +14,7 @@ from user_test import UserTest logger = logging.getLogger(__name__) -dir_path = os.path.dirname(os.path.realpath(__file__)) +dir_path = Path(os.path.realpath(__file__)).parent class FindingTest(BaseTestCase): diff --git a/tests/ibm_appscan_test.py b/tests/ibm_appscan_test.py index 5a5f41fc0a2..451e387db1c 100644 --- a/tests/ibm_appscan_test.py +++ b/tests/ibm_appscan_test.py @@ -1,13 +1,14 @@ import os import sys import unittest +from pathlib import Path from base_test_class import BaseTestCase from product_test import ProductTest from selenium.webdriver.common.by import By from selenium.webdriver.support.ui import Select -dir_path = os.path.dirname(os.path.realpath(__file__)) +dir_path = Path(os.path.realpath(__file__)).parent class IBMAppScanTest(BaseTestCase): diff --git a/tests/report_builder_test.py b/tests/report_builder_test.py index cbb61583bda..8cc0c6ebce9 100644 --- a/tests/report_builder_test.py +++ b/tests/report_builder_test.py @@ -1,6 +1,7 @@ import os import sys import unittest +from pathlib import Path from base_test_class import BaseTestCase from product_test import ProductTest @@ -9,7 +10,7 @@ from selenium.webdriver.support import expected_conditions as EC from selenium.webdriver.support.ui import Select, WebDriverWait -dir_path = os.path.dirname(os.path.realpath(__file__)) +dir_path = Path(os.path.realpath(__file__)).parent class ReportBuilderTest(BaseTestCase): diff --git a/unittests/dojo_test_case.py b/unittests/dojo_test_case.py index d8995e5d0d3..d22073e2730 100644 --- a/unittests/dojo_test_case.py +++ b/unittests/dojo_test_case.py @@ -4,6 +4,7 @@ import os from functools import wraps from itertools import chain +from pathlib import Path from pprint import pformat from django.test import TestCase @@ -39,7 +40,7 @@ def get_unit_tests_path(): - return os.path.dirname(os.path.realpath(__file__)) + return str(Path(os.path.realpath(__file__)).parent) def toggle_system_setting_boolean(flag_name, value): diff --git a/unittests/tools/test_anchore_enterprise_parser.py b/unittests/tools/test_anchore_enterprise_parser.py index 2acabcf20c6..6025fb736a8 100644 --- a/unittests/tools/test_anchore_enterprise_parser.py +++ b/unittests/tools/test_anchore_enterprise_parser.py @@ -1,4 +1,5 @@ from os import path +from pathlib import Path from dojo.models import Test from dojo.tools.anchore_enterprise.parser import AnchoreEnterpriseParser, extract_vulnerability_id, search_filepath @@ -7,19 +8,19 @@ class TestAnchoreEnterpriseParser(DojoTestCase): def test_anchore_policy_check_parser_has_no_findings(self): - with open(path.join(path.dirname(__file__), "../scans/anchore_enterprise/no_checks.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/anchore_enterprise/no_checks.json"), encoding="utf-8") as testfile: parser = AnchoreEnterpriseParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_anchore_policy_check_parser_has_one_finding(self): - with open(path.join(path.dirname(__file__), "../scans/anchore_enterprise/one_check.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/anchore_enterprise/one_check.json"), encoding="utf-8") as testfile: parser = AnchoreEnterpriseParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_anchore_policy_check_parser_has_multiple_findings(self): - with open(path.join(path.dirname(__file__), "../scans/anchore_enterprise/many_checks.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/anchore_enterprise/many_checks.json"), encoding="utf-8") as testfile: parser = AnchoreEnterpriseParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(57, len(findings)) @@ -28,7 +29,7 @@ def test_anchore_policy_check_parser_has_multiple_findings(self): self.assertEqual("CVE-2015-2992", finding.unsaved_vulnerability_ids[0]) def test_anchore_policy_check_parser_invalid_format(self): - with open(path.join(path.dirname(__file__), "../scans/anchore_enterprise/invalid_checks_format.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/anchore_enterprise/invalid_checks_format.json"), encoding="utf-8") as testfile: with self.assertRaises(Exception): parser = AnchoreEnterpriseParser() parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_appspider_parser.py b/unittests/tools/test_appspider_parser.py index 1930efa7f39..207db2d2d6b 100644 --- a/unittests/tools/test_appspider_parser.py +++ b/unittests/tools/test_appspider_parser.py @@ -1,4 +1,5 @@ from os import path +from pathlib import Path from dojo.models import Engagement, Finding, Product, Test from dojo.tools.appspider.parser import AppSpiderParser @@ -10,7 +11,7 @@ def test_appspider_parser_has_one_finding(self): test = Test() test.engagement = Engagement() test.engagement.product = Product() - testfile = open(path.join(path.dirname(__file__), "../scans/appspider/one_vuln.xml"), encoding="utf-8") + testfile = open(path.join(Path(__file__).parent, "../scans/appspider/one_vuln.xml"), encoding="utf-8") parser = AppSpiderParser() findings = parser.get_findings(testfile, test) for finding in findings: diff --git a/unittests/tools/test_bundler_audit_parser.py b/unittests/tools/test_bundler_audit_parser.py index c27c87a44f9..2fa4b4bc31d 100644 --- a/unittests/tools/test_bundler_audit_parser.py +++ b/unittests/tools/test_bundler_audit_parser.py @@ -1,4 +1,5 @@ from os import path +from pathlib import Path from dojo.models import Test from dojo.tools.bundler_audit.parser import BundlerAuditParser @@ -7,7 +8,7 @@ class TestBundlerAuditParser(DojoTestCase): def test_get_findings(self): - with open(path.join(path.dirname(__file__), "../scans/bundler_audit/bundler-audit_v0.6.1.txt"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/bundler_audit/bundler-audit_v0.6.1.txt"), encoding="utf-8") as testfile: parser = BundlerAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) @@ -29,7 +30,7 @@ def test_get_findings(self): self.assertEqual("2.2.3", finding.component_version) def test_get_findings_version9(self): - with open(path.join(path.dirname(__file__), "../scans/bundler_audit/version_9.0.txt"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/bundler_audit/version_9.0.txt"), encoding="utf-8") as testfile: parser = BundlerAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(4, len(findings)) diff --git a/unittests/tools/test_burp_dastardly_parser.py b/unittests/tools/test_burp_dastardly_parser.py index 2846895e985..8bf959b23c4 100644 --- a/unittests/tools/test_burp_dastardly_parser.py +++ b/unittests/tools/test_burp_dastardly_parser.py @@ -1,4 +1,5 @@ from os import path +from pathlib import Path from dojo.models import Test from dojo.tools.burp_dastardly.parser import BurpDastardlyParser @@ -8,7 +9,7 @@ class TestBurpParser(DojoTestCase): def test_burp_dastardly_multiple_findings(self): - with open(path.join(path.dirname(__file__), "../scans/burp_dastardly/many_findings.xml"), encoding="utf-8") as test_file: + with open(path.join(Path(__file__).parent, "../scans/burp_dastardly/many_findings.xml"), encoding="utf-8") as test_file: parser = BurpDastardlyParser() findings = parser.get_findings(test_file, Test()) for finding in findings: diff --git a/unittests/tools/test_burp_enterprise_parser.py b/unittests/tools/test_burp_enterprise_parser.py index ec45b95c2f6..cc0ce744e0e 100644 --- a/unittests/tools/test_burp_enterprise_parser.py +++ b/unittests/tools/test_burp_enterprise_parser.py @@ -1,4 +1,5 @@ from os import path +from pathlib import Path from dojo.models import Test from dojo.tools.burp_enterprise.parser import BurpEnterpriseParser @@ -8,7 +9,7 @@ class TestBurpEnterpriseParser(DojoTestCase): def test_burp_enterprise_with_multiple_vulns(self): - with open(path.join(path.dirname(__file__), "../scans/burp_enterprise/many_vulns.html"), encoding="utf-8") as test_file: + with open(path.join(Path(__file__).parent, "../scans/burp_enterprise/many_vulns.html"), encoding="utf-8") as test_file: parser = BurpEnterpriseParser() findings = parser.get_findings(test_file, Test()) for finding in findings: @@ -37,7 +38,7 @@ def test_burp_enterprise_with_multiple_vulns(self): self.assertIn("**Issue detail**:\nFingerprint Details:\n\nWAF Type : redacted\nWAF tech. details : Cloud-based CDN, WAF & DDoS prevention", finding.description) def test_burp_enterprise_with_multiple_vulns_newer_format(self): - with open(path.join(path.dirname(__file__), "../scans/burp_enterprise/many_vulns_updated_format.html"), encoding="utf-8") as test_file: + with open(path.join(Path(__file__).parent, "../scans/burp_enterprise/many_vulns_updated_format.html"), encoding="utf-8") as test_file: parser = BurpEnterpriseParser() findings = parser.get_findings(test_file, Test()) for finding in findings: diff --git a/unittests/tools/test_burp_graphql_parser.py b/unittests/tools/test_burp_graphql_parser.py index ea669d741f0..e163c52fead 100644 --- a/unittests/tools/test_burp_graphql_parser.py +++ b/unittests/tools/test_burp_graphql_parser.py @@ -1,4 +1,5 @@ from os import path +from pathlib import Path from dojo.models import Test from dojo.tools.burp_graphql.parser import BurpGraphQLParser @@ -8,7 +9,7 @@ class TestBurpGraphQLParser(DojoTestCase): def test_burp_one_finding(self): - with open(path.join(path.dirname(__file__), "../scans/burp_graphql/one_finding.json"), encoding="utf-8") as test_file: + with open(path.join(Path(__file__).parent, "../scans/burp_graphql/one_finding.json"), encoding="utf-8") as test_file: parser = BurpGraphQLParser() findings = parser.get_findings(test_file, Test()) for finding in findings: @@ -33,7 +34,7 @@ def test_burp_one_finding(self): self.assertIn("CWE-79", findings[0].references) def test_burp_two_findings(self): - with open(path.join(path.dirname(__file__), "../scans/burp_graphql/two_findings.json"), encoding="utf-8") as test_file: + with open(path.join(Path(__file__).parent, "../scans/burp_graphql/two_findings.json"), encoding="utf-8") as test_file: parser = BurpGraphQLParser() findings = parser.get_findings(test_file, Test()) for finding in findings: @@ -49,27 +50,27 @@ def test_burp_two_findings(self): self.assertIn("description 3", findings[1].description) def test_burp_no_findings(self): - with open(path.join(path.dirname(__file__), "../scans/burp_graphql/no_findings.json"), encoding="utf-8") as test_file: + with open(path.join(Path(__file__).parent, "../scans/burp_graphql/no_findings.json"), encoding="utf-8") as test_file: parser = BurpGraphQLParser() findings = parser.get_findings(test_file, Test()) self.assertEqual(0, len(findings)) def test_burp_null_title(self): - with open(path.join(path.dirname(__file__), "../scans/burp_graphql/null_title.json"), encoding="utf-8") as test_file: + with open(path.join(Path(__file__).parent, "../scans/burp_graphql/null_title.json"), encoding="utf-8") as test_file: with self.assertRaises(ValueError): parser = BurpGraphQLParser() parser.get_findings(test_file, Test()) def test_burp_null_request_segments(self): - with open(path.join(path.dirname(__file__), "../scans/burp_graphql/null_request_segments.json"), encoding="utf-8") as test_file: + with open(path.join(Path(__file__).parent, "../scans/burp_graphql/null_request_segments.json"), encoding="utf-8") as test_file: parser = BurpGraphQLParser() findings = parser.get_findings(test_file, Test()) self.assertEqual(1, len(findings)) def test_burp_null_data(self): - with open(path.join(path.dirname(__file__), "../scans/burp_graphql/null_data.json"), encoding="utf-8") as test_file: + with open(path.join(Path(__file__).parent, "../scans/burp_graphql/null_data.json"), encoding="utf-8") as test_file: parser = BurpGraphQLParser() findings = parser.get_findings(test_file, Test()) for finding in findings: diff --git a/unittests/tools/test_burp_parser.py b/unittests/tools/test_burp_parser.py index e8ba5c870f6..a75ea4f9148 100644 --- a/unittests/tools/test_burp_parser.py +++ b/unittests/tools/test_burp_parser.py @@ -1,4 +1,5 @@ from os import path +from pathlib import Path from dojo.models import Test from dojo.tools.burp.parser import BurpParser @@ -8,7 +9,7 @@ class TestBurpParser(DojoTestCase): def test_burp_with_one_vuln_has_one_finding(self): - with open(path.join(path.dirname(__file__), "../scans/burp/one_finding.xml"), encoding="utf-8") as test_file: + with open(path.join(Path(__file__).parent, "../scans/burp/one_finding.xml"), encoding="utf-8") as test_file: parser = BurpParser() findings = parser.get_findings(test_file, Test()) for finding in findings: @@ -20,7 +21,7 @@ def test_burp_with_one_vuln_has_one_finding(self): self.assertEqual(3, len(findings[0].unsaved_endpoints)) def test_burp_with_multiple_vulns_has_multiple_findings(self): - with open(path.join(path.dirname(__file__), "../scans/burp/seven_findings.xml"), encoding="utf-8") as test_file: + with open(path.join(Path(__file__).parent, "../scans/burp/seven_findings.xml"), encoding="utf-8") as test_file: parser = BurpParser() findings = parser.get_findings(test_file, Test()) for finding in findings: @@ -34,7 +35,7 @@ def test_burp_with_multiple_vulns_has_multiple_findings(self): self.assertEqual("Frameable response (potential Clickjacking)", finding.title) def test_burp_with_one_vuln_with_blank_response(self): - with open(path.join(path.dirname(__file__), "../scans/burp/one_finding_with_blank_response.xml"), encoding="utf-8") as test_file: + with open(path.join(Path(__file__).parent, "../scans/burp/one_finding_with_blank_response.xml"), encoding="utf-8") as test_file: parser = BurpParser() findings = parser.get_findings(test_file, Test()) for finding in findings: @@ -50,7 +51,7 @@ def test_burp_with_one_vuln_with_blank_response(self): self.assertEqual("High", findings[0].severity) def test_burp_with_one_vuln_with_cwe(self): - with open(path.join(path.dirname(__file__), "../scans/burp/one_finding_with_cwe.xml"), encoding="utf-8") as test_file: + with open(path.join(Path(__file__).parent, "../scans/burp/one_finding_with_cwe.xml"), encoding="utf-8") as test_file: parser = BurpParser() findings = parser.get_findings(test_file, Test()) for finding in findings: @@ -66,7 +67,7 @@ def test_burp_with_one_vuln_with_cwe(self): self.assertEqual("Info", findings[0].severity) def test_burp_issue4399(self): - with open(path.join(path.dirname(__file__), "../scans/burp/issue4399.xml"), encoding="utf-8") as test_file: + with open(path.join(Path(__file__).parent, "../scans/burp/issue4399.xml"), encoding="utf-8") as test_file: parser = BurpParser() findings = parser.get_findings(test_file, Test()) for finding in findings: diff --git a/unittests/tools/test_dawnscanner_parser.py b/unittests/tools/test_dawnscanner_parser.py index 73541ee45c6..5b7a161cc99 100644 --- a/unittests/tools/test_dawnscanner_parser.py +++ b/unittests/tools/test_dawnscanner_parser.py @@ -1,5 +1,6 @@ import datetime from os import path +from pathlib import Path from dojo.models import Test from dojo.tools.dawnscanner.parser import DawnScannerParser @@ -8,7 +9,7 @@ class TestDawnScannerParser(DojoTestCase): def test_burp_with_one_vuln_has_one_finding(self): - with open(path.join(path.dirname(__file__), "../scans/dawnscanner/dawnscanner_v1.6.9.json"), encoding="utf-8") as test_file: + with open(path.join(Path(__file__).parent, "../scans/dawnscanner/dawnscanner_v1.6.9.json"), encoding="utf-8") as test_file: parser = DawnScannerParser() findings = parser.get_findings(test_file, Test()) for finding in findings: diff --git a/unittests/tools/test_dependency_check_parser.py b/unittests/tools/test_dependency_check_parser.py index 620e6adfc62..4ad945a39cc 100644 --- a/unittests/tools/test_dependency_check_parser.py +++ b/unittests/tools/test_dependency_check_parser.py @@ -1,6 +1,7 @@ import logging from datetime import UTC, datetime from os import path +from pathlib import Path from dateutil.tz import tzlocal, tzoffset @@ -255,7 +256,7 @@ def test_parse_file_with_multiple_vulnerabilities_has_multiple_findings(self): def test_parse_java_6_5_3(self): """Test with version 6.5.3""" - with open(path.join(path.dirname(__file__), "../scans/dependency_check/version-6.5.3.xml"), encoding="utf-8") as test_file: + with open(path.join(Path(__file__).parent, "../scans/dependency_check/version-6.5.3.xml"), encoding="utf-8") as test_file: parser = DependencyCheckParser() findings = parser.get_findings(test_file, Test()) items = findings diff --git a/unittests/tools/test_horusec_parser.py b/unittests/tools/test_horusec_parser.py index 10e27efee40..b2a39b75ca2 100644 --- a/unittests/tools/test_horusec_parser.py +++ b/unittests/tools/test_horusec_parser.py @@ -1,5 +1,6 @@ import datetime from os import path +from pathlib import Path from dojo.models import Test from dojo.tools.horusec.parser import HorusecParser @@ -9,7 +10,7 @@ class TestHorusecParser(DojoTestCase): def test_get_findings(self): """Version 2.6.3 with big project in Python""" - with open(path.join(path.dirname(__file__), "../scans/horusec/version_2.6.3.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/horusec/version_2.6.3.json"), encoding="utf-8") as testfile: parser = HorusecParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(267, len(findings)) @@ -17,7 +18,7 @@ def test_get_findings(self): def test_get_tests(self): """Version 2.6.3 with big project in Python""" - with open(path.join(path.dirname(__file__), "../scans/horusec/version_2.6.3.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/horusec/version_2.6.3.json"), encoding="utf-8") as testfile: parser = HorusecParser() tests = parser.get_tests("Horusec Scan", testfile) self.assertEqual(1, len(tests)) @@ -49,7 +50,7 @@ def test_get_tests(self): def test_get_tests_ok(self): """Version 2.6.3 with big project in Python""" - with open(path.join(path.dirname(__file__), "../scans/horusec/horres3.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/horusec/horres3.json"), encoding="utf-8") as testfile: parser = HorusecParser() tests = parser.get_tests("Horusec Scan", testfile) self.assertEqual(1, len(tests)) @@ -81,7 +82,7 @@ def test_get_tests_ok(self): def test_get_tests_issue_6258(self): """""" - with open(path.join(path.dirname(__file__), "../scans/horusec/issue_6258.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/horusec/issue_6258.json"), encoding="utf-8") as testfile: parser = HorusecParser() tests = parser.get_tests("Horusec Scan", testfile) self.assertEqual(1, len(tests)) @@ -117,7 +118,7 @@ def test_get_tests_issue_6258(self): def test_get_tests_pr_6563(self): """""" - with open(path.join(path.dirname(__file__), "../scans/horusec/pr_6563.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/horusec/pr_6563.json"), encoding="utf-8") as testfile: parser = HorusecParser() tests = parser.get_tests("Horusec Scan", testfile) self.assertEqual(1, len(tests)) @@ -136,7 +137,7 @@ def test_get_tests_pr_6563(self): def test_issue_9939(self): """""" - with open(path.join(path.dirname(__file__), "../scans/horusec/issue_9939.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/horusec/issue_9939.json"), encoding="utf-8") as testfile: parser = HorusecParser() tests = parser.get_tests("Horusec Scan", testfile) self.assertEqual(1, len(tests)) diff --git a/unittests/tools/test_nancy_parser.py b/unittests/tools/test_nancy_parser.py index 3823380dd00..5de57ddd2e0 100644 --- a/unittests/tools/test_nancy_parser.py +++ b/unittests/tools/test_nancy_parser.py @@ -1,4 +1,5 @@ from os import path +from pathlib import Path from dojo.models import Test from dojo.tools.nancy.parser import NancyParser @@ -7,13 +8,13 @@ class TestNancyParser(DojoTestCase): def test_nancy_parser_with_no_vuln_has_no_findings(self): - with open(path.join(path.dirname(__file__), "../scans/nancy/nancy_no_findings.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/nancy/nancy_no_findings.json"), encoding="utf-8") as testfile: parser = NancyParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_nancy_parser_with_one_vuln_has_one_findings(self): - with open(path.join(path.dirname(__file__), "../scans/nancy/nancy_one_findings.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/nancy/nancy_one_findings.json"), encoding="utf-8") as testfile: parser = NancyParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -27,7 +28,7 @@ def test_nancy_parser_with_one_vuln_has_one_findings(self): self.assertEqual("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", finding.cvssv3) def test_nancy_plus_parser_with_many_vuln_has_many_findings(self): - with open(path.join(path.dirname(__file__), "../scans/nancy/nancy_many_findings.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/nancy/nancy_many_findings.json"), encoding="utf-8") as testfile: parser = NancyParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(13, len(findings)) diff --git a/unittests/tools/test_neuvector_compliance_parser.py b/unittests/tools/test_neuvector_compliance_parser.py index 3f82ec373b0..1370d61143a 100644 --- a/unittests/tools/test_neuvector_compliance_parser.py +++ b/unittests/tools/test_neuvector_compliance_parser.py @@ -1,4 +1,5 @@ from os import path +from pathlib import Path from dojo.models import Test from dojo.tools.neuvector_compliance.parser import NeuVectorComplianceParser @@ -7,14 +8,14 @@ class TestNeuVectorComplianceParser(DojoTestCase): def test_parse_file_with_no_vuln(self): - testfile = open(path.join(path.dirname(__file__), "../scans/neuvector_compliance/no_vuln.json"), encoding="utf-8") + testfile = open(path.join(Path(__file__).parent, "../scans/neuvector_compliance/no_vuln.json"), encoding="utf-8") parser = NeuVectorComplianceParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln(self): - testfile = open(path.join(path.dirname(__file__), "../scans/neuvector_compliance/one_vuln.json"), encoding="utf-8") + testfile = open(path.join(Path(__file__).parent, "../scans/neuvector_compliance/one_vuln.json"), encoding="utf-8") parser = NeuVectorComplianceParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -22,7 +23,7 @@ def test_parse_file_with_one_vuln(self): self.assertEqual("docker_D.1.1.11", findings[0].vuln_id_from_tool) def test_parse_file_with_many_vulns(self): - testfile = open(path.join(path.dirname(__file__), "../scans/neuvector_compliance/many_vulns.json"), encoding="utf-8") + testfile = open(path.join(Path(__file__).parent, "../scans/neuvector_compliance/many_vulns.json"), encoding="utf-8") parser = NeuVectorComplianceParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_neuvector_parser.py b/unittests/tools/test_neuvector_parser.py index 362618375e5..ed4507dd9dc 100644 --- a/unittests/tools/test_neuvector_parser.py +++ b/unittests/tools/test_neuvector_parser.py @@ -1,4 +1,5 @@ from os import path +from pathlib import Path from dojo.models import Test from dojo.tools.neuvector.parser import NeuVectorParser @@ -7,14 +8,14 @@ class TestNeuVectorParser(DojoTestCase): def test_parse_file_with_no_vuln(self): - testfile = open(path.join(path.dirname(__file__), "../scans/neuvector/no_vuln.json"), encoding="utf-8") + testfile = open(path.join(Path(__file__).parent, "../scans/neuvector/no_vuln.json"), encoding="utf-8") parser = NeuVectorParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln(self): - testfile = open(path.join(path.dirname(__file__), "../scans/neuvector/one_vuln.json"), encoding="utf-8") + testfile = open(path.join(Path(__file__).parent, "../scans/neuvector/one_vuln.json"), encoding="utf-8") parser = NeuVectorParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -23,7 +24,7 @@ def test_parse_file_with_one_vuln(self): self.assertEqual("CVE-2015-8356", findings[0].unsaved_vulnerability_ids[0]) def test_parse_file_with_many_vulns(self): - testfile = open(path.join(path.dirname(__file__), "../scans/neuvector/many_vulns.json"), encoding="utf-8") + testfile = open(path.join(Path(__file__).parent, "../scans/neuvector/many_vulns.json"), encoding="utf-8") parser = NeuVectorParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_npm_audit_7_plus_parser.py b/unittests/tools/test_npm_audit_7_plus_parser.py index 6028e992a48..0d937584c82 100644 --- a/unittests/tools/test_npm_audit_7_plus_parser.py +++ b/unittests/tools/test_npm_audit_7_plus_parser.py @@ -1,4 +1,5 @@ from os import path +from pathlib import Path from dojo.models import Test from dojo.tools.npm_audit_7_plus.parser import NpmAudit7PlusParser @@ -7,14 +8,14 @@ class TestNpmAudit7PlusParser(DojoTestCase): def test_npm_audit_7_plus_parser_with_no_vuln_has_no_findings(self): - testfile = open(path.join(path.dirname(__file__), "../scans/npm_audit_7_plus/no_vuln.json"), encoding="utf-8") + testfile = open(path.join(Path(__file__).parent, "../scans/npm_audit_7_plus/no_vuln.json"), encoding="utf-8") parser = NpmAudit7PlusParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_npm_audit_7_plus_parser_with_one_vuln_has_one_findings(self): - testfile = open(path.join(path.dirname(__file__), "../scans/npm_audit_7_plus/one_vuln.json"), encoding="utf-8") + testfile = open(path.join(Path(__file__).parent, "../scans/npm_audit_7_plus/one_vuln.json"), encoding="utf-8") parser = NpmAudit7PlusParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -28,7 +29,7 @@ def test_npm_audit_7_plus_parser_with_one_vuln_has_one_findings(self): self.assertEqual("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", finding.cvssv3) def test_npm_audit_7_plus_parser_with_many_vuln_has_many_findings(self): - testfile = open(path.join(path.dirname(__file__), "../scans/npm_audit_7_plus/many_vulns.json"), encoding="utf-8") + testfile = open(path.join(Path(__file__).parent, "../scans/npm_audit_7_plus/many_vulns.json"), encoding="utf-8") parser = NpmAudit7PlusParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -42,7 +43,7 @@ def test_npm_audit_7_plus_parser_with_many_vuln_has_many_findings(self): self.assertEqual("@vercel/fun", finding.title) def test_npm_audit_7_plus_parser_issue_10801(self): - testfile = open(path.join(path.dirname(__file__), "../scans/npm_audit_7_plus/issue_10801.json"), encoding="utf-8") + testfile = open(path.join(Path(__file__).parent, "../scans/npm_audit_7_plus/issue_10801.json"), encoding="utf-8") parser = NpmAudit7PlusParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_npm_audit_parser.py b/unittests/tools/test_npm_audit_parser.py index 0d8493009af..c15da91da72 100644 --- a/unittests/tools/test_npm_audit_parser.py +++ b/unittests/tools/test_npm_audit_parser.py @@ -1,4 +1,5 @@ from os import path +from pathlib import Path from dojo.models import Test from dojo.tools.npm_audit.parser import NpmAuditParser, censor_path_hashes @@ -7,13 +8,13 @@ class TestNpmAuditParser(DojoTestCase): def test_npm_audit_parser_with_no_vuln_has_no_findings(self): - with open(path.join(path.dirname(__file__), "../scans/npm_audit/no_vuln.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/npm_audit/no_vuln.json"), encoding="utf-8") as testfile: parser = NpmAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_npm_audit_parser_with_one_criticle_vuln_has_one_findings(self): - with open(path.join(path.dirname(__file__), "../scans/npm_audit/one_vuln.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/npm_audit/one_vuln.json"), encoding="utf-8") as testfile: parser = NpmAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -22,7 +23,7 @@ def test_npm_audit_parser_with_one_criticle_vuln_has_one_findings(self): self.assertEqual("1.9.2", findings[0].component_version) def test_npm_audit_parser_with_many_vuln_has_many_findings(self): - with open(path.join(path.dirname(__file__), "../scans/npm_audit/many_vuln.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/npm_audit/many_vuln.json"), encoding="utf-8") as testfile: parser = NpmAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(5, len(findings)) @@ -39,7 +40,7 @@ def test_npm_audit_parser_with_many_vuln_has_many_findings(self): def test_npm_audit_parser_multiple_cwes_per_finding(self): # cwes formatted as escaped list: "cwe": "[\"CWE-346\",\"CWE-453\"]", - with open(path.join(path.dirname(__file__), "../scans/npm_audit/multiple_cwes.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/npm_audit/multiple_cwes.json"), encoding="utf-8") as testfile: parser = NpmAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(41, len(findings)) @@ -48,14 +49,14 @@ def test_npm_audit_parser_multiple_cwes_per_finding(self): def test_npm_audit_parser_multiple_cwes_per_finding_list(self): # cwes formatted as proper list: "cwe": ["CWE-918","CWE-1333"], - with open(path.join(path.dirname(__file__), "../scans/npm_audit/multiple_cwes2.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/npm_audit/multiple_cwes2.json"), encoding="utf-8") as testfile: parser = NpmAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(6, len(findings)) self.assertEqual(918, findings[0].cwe) def test_npm_audit_parser_with_one_criticle_vuln_has_null_as_cwe(self): - with open(path.join(path.dirname(__file__), "../scans/npm_audit/cwe_null.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/npm_audit/cwe_null.json"), encoding="utf-8") as testfile: parser = NpmAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -65,7 +66,7 @@ def test_npm_audit_parser_with_one_criticle_vuln_has_null_as_cwe(self): def test_npm_audit_parser_empty_with_error(self): with self.assertRaises(ValueError) as context: - with open(path.join(path.dirname(__file__), "../scans/npm_audit/empty_with_error.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/npm_audit/empty_with_error.json"), encoding="utf-8") as testfile: parser = NpmAuditParser() parser.get_findings(testfile, Test()) @@ -74,7 +75,7 @@ def test_npm_audit_parser_empty_with_error(self): def test_npm_audit_parser_many_vuln_npm7(self): with self.assertRaises(ValueError) as context: - with open(path.join(path.dirname(__file__), "../scans/npm_audit/many_vuln_npm7.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/npm_audit/many_vuln_npm7.json"), encoding="utf-8") as testfile: parser = NpmAuditParser() parser.get_findings(testfile, Test()) @@ -90,7 +91,7 @@ def test_npm_audit_censored_hash(self): self.assertEqual(censored_path, "censored_by_npm_audit>censored_by_npm_audit>lodash") def test_npm_audit_parser_issue_7897(self): - with open(path.join(path.dirname(__file__), "../scans/npm_audit/issue_7897.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/npm_audit/issue_7897.json"), encoding="utf-8") as testfile: parser = NpmAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(5, len(findings)) diff --git a/unittests/tools/test_osv_scanner_parser.py b/unittests/tools/test_osv_scanner_parser.py index 3b82fc93303..196ff093367 100644 --- a/unittests/tools/test_osv_scanner_parser.py +++ b/unittests/tools/test_osv_scanner_parser.py @@ -1,4 +1,5 @@ from os import path +from pathlib import Path from dojo.models import Test from dojo.tools.osv_scanner.parser import OSVScannerParser @@ -7,13 +8,13 @@ class TestOSVScannerParser(DojoTestCase): def test_no_findings(self): - with open(path.join(path.dirname(__file__), "../scans/osv_scanner/no_findings.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/osv_scanner/no_findings.json"), encoding="utf-8") as testfile: parser = OSVScannerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_some_findings(self): - with open(path.join(path.dirname(__file__), "../scans/osv_scanner/some_findings.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/osv_scanner/some_findings.json"), encoding="utf-8") as testfile: parser = OSVScannerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -25,7 +26,7 @@ def test_some_findings(self): self.assertEqual(finding.severity, "Low") def test_many_findings(self): - with open(path.join(path.dirname(__file__), "../scans/osv_scanner/many_findings.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/osv_scanner/many_findings.json"), encoding="utf-8") as testfile: parser = OSVScannerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(66, len(findings)) diff --git a/unittests/tools/test_qualys_hacker_guardian_parser.py b/unittests/tools/test_qualys_hacker_guardian_parser.py index 00ccb64499d..47bd820ffb6 100644 --- a/unittests/tools/test_qualys_hacker_guardian_parser.py +++ b/unittests/tools/test_qualys_hacker_guardian_parser.py @@ -1,4 +1,5 @@ from os import path +from pathlib import Path from dojo.models import Test from dojo.tools.qualys_hacker_guardian.parser import QualysHackerGuardianParser @@ -8,13 +9,13 @@ class TestQualysHackerGuardianParser(DojoTestCase): def test_qualys_hacker_guardian_parser_with_no_findings(self): - with open(path.join(path.dirname(__file__), "../scans/qualys_hacker_guardian/zero_finding.csv"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/qualys_hacker_guardian/zero_finding.csv"), encoding="utf-8") as testfile: parser = QualysHackerGuardianParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_qualys_hacker_guardian_parser_with_one_findings(self): - with open(path.join(path.dirname(__file__), "../scans/qualys_hacker_guardian/one_finding.csv"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/qualys_hacker_guardian/one_finding.csv"), encoding="utf-8") as testfile: parser = QualysHackerGuardianParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -25,7 +26,7 @@ def test_qualys_hacker_guardian_parser_with_one_findings(self): self.assertEqual(len(finding.unsaved_endpoints), 2) def test_qualys_hacker_guardian_parser_with_many_findings(self): - with open(path.join(path.dirname(__file__), "../scans/qualys_hacker_guardian/many_finding.csv"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/qualys_hacker_guardian/many_finding.csv"), encoding="utf-8") as testfile: parser = QualysHackerGuardianParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) diff --git a/unittests/tools/test_rapplex_parser.py b/unittests/tools/test_rapplex_parser.py index 9d56762513e..97937cbd4d0 100644 --- a/unittests/tools/test_rapplex_parser.py +++ b/unittests/tools/test_rapplex_parser.py @@ -1,4 +1,5 @@ from os import path +from pathlib import Path from dojo.models import Test from dojo.tools.rapplex.parser import RapplexParser @@ -8,13 +9,13 @@ class TestRapplexParser(DojoTestCase): def test_rapplex_parser_with_no_findings(self): - with open(path.join(path.dirname(__file__), "../scans/rapplex/rapplex_zero_vul.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/rapplex/rapplex_zero_vul.json"), encoding="utf-8") as testfile: parser = RapplexParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_rapplex_parser_with_one_findings(self): - with open(path.join(path.dirname(__file__), "../scans/rapplex/rapplex_one_vul.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/rapplex/rapplex_one_vul.json"), encoding="utf-8") as testfile: parser = RapplexParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -26,7 +27,7 @@ def test_rapplex_parser_with_one_findings(self): self.assertIsNotNone(finding.references) def test_rapplex_parser_with_many_findings(self): - with open(path.join(path.dirname(__file__), "../scans/rapplex/rapplex_many_vul.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/rapplex/rapplex_many_vul.json"), encoding="utf-8") as testfile: parser = RapplexParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(8, len(findings)) diff --git a/unittests/tools/test_sarif_parser.py b/unittests/tools/test_sarif_parser.py index aafa91d09e1..f0281ac2060 100644 --- a/unittests/tools/test_sarif_parser.py +++ b/unittests/tools/test_sarif_parser.py @@ -1,5 +1,6 @@ import datetime from os import path +from pathlib import Path from dojo.models import Finding, Test from dojo.tools.sarif.parser import SarifParser, get_fingerprints_hashes @@ -29,7 +30,7 @@ def test_example_report(self): def test_suppression_report(self): """Test report file having different suppression definitions""" - with open(path.join(path.dirname(__file__), "../scans/sarif/suppression_test.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/suppression_test.sarif"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -41,7 +42,7 @@ def test_suppression_report(self): self.assertEqual(True, finding.active) def test_example2_report(self): - with open(path.join(path.dirname(__file__), "../scans/sarif/appendix_k.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/appendix_k.sarif"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -69,13 +70,13 @@ def test_example2_report(self): self.common_checks(finding) def test_example_k1_report(self): - with open(path.join(path.dirname(__file__), "../scans/sarif/appendix_k1.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/appendix_k1.sarif"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_example_k2_report(self): - with open(path.join(path.dirname(__file__), "../scans/sarif/appendix_k2.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/appendix_k2.sarif"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -90,7 +91,7 @@ def test_example_k2_report(self): self.common_checks(finding) def test_example_k3_report(self): - with open(path.join(path.dirname(__file__), "../scans/sarif/appendix_k3.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/appendix_k3.sarif"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -100,7 +101,7 @@ def test_example_k3_report(self): self.common_checks(finding) def test_example_k4_report_mitigation(self): - with open(path.join(path.dirname(__file__), "../scans/sarif/appendix_k4.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/appendix_k4.sarif"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -117,7 +118,7 @@ def test_example_k4_report_mitigation(self): def test_example_report_ms(self): """Report file come from Microsoft SARIF sdk on GitHub""" - with open(path.join(path.dirname(__file__), "../scans/sarif/SuppressionTestCurrent.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/SuppressionTestCurrent.sarif"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(4, len(findings)) @@ -127,7 +128,7 @@ def test_example_report_ms(self): self.common_checks(finding) def test_example_report_semgrep(self): - with open(path.join(path.dirname(__file__), "../scans/sarif/semgrepowasp-benchmark-sample.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/semgrepowasp-benchmark-sample.sarif"), encoding="utf-8") as testfile: test = Test() parser = SarifParser() findings = parser.get_findings(testfile, test) @@ -141,7 +142,7 @@ def test_example_report_semgrep(self): self.common_checks(finding) def test_example_report_scanlift_dependency_check(self): - with open(path.join(path.dirname(__file__), "../scans/sarif/dependency_check.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/dependency_check.sarif"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(13, len(findings)) @@ -164,7 +165,7 @@ def test_example_report_scanlift_dependency_check(self): self.common_checks(finding) def test_example_report_scanlift_bash(self): - with open(path.join(path.dirname(__file__), "../scans/sarif/bash-report.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/bash-report.sarif"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(27, len(findings)) @@ -193,7 +194,7 @@ def test_example_report_scanlift_bash(self): self.common_checks(finding) def test_example_report_taint_python(self): - with open(path.join(path.dirname(__file__), "../scans/sarif/taint-python-report.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/taint-python-report.sarif"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(11, len(findings)) @@ -235,7 +236,7 @@ def test_example_report_taint_python(self): def test_njsscan(self): """Generated with opensecurity/njsscan (https://github.com/ajinabraham/njsscan)""" - with open(path.join(path.dirname(__file__), "../scans/sarif/njsscan.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/njsscan.sarif"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) @@ -262,7 +263,7 @@ def test_njsscan(self): def test_dockle(self): """Generated with goodwithtech/dockle (https://github.com/goodwithtech/dockle)""" - with open(path.join(path.dirname(__file__), "../scans/sarif/dockle_0_3_15.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/dockle_0_3_15.sarif"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(4, len(findings)) @@ -310,7 +311,7 @@ def test_dockle(self): ) def test_mobsfscan(self): - with open(path.join(path.dirname(__file__), "../scans/sarif/mobsfscan.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/mobsfscan.json"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(9, len(findings)) @@ -318,7 +319,7 @@ def test_mobsfscan(self): self.common_checks(finding) def test_gitleaks(self): - with open(path.join(path.dirname(__file__), "../scans/sarif/gitleaks_7.5.0.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/gitleaks_7.5.0.sarif"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(8, len(findings)) @@ -368,7 +369,7 @@ def test_gitleaks(self): self.assertEqual(37, finding.line) def test_flawfinder(self): - with open(path.join(path.dirname(__file__), "../scans/sarif/flawfinder.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/flawfinder.sarif"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(53, len(findings)) @@ -444,7 +445,7 @@ def test_flawfinder(self): self.assertEqual("https://cwe.mitre.org/data/definitions/120.html", finding.references) def test_flawfinder_interfacev2(self): - with open(path.join(path.dirname(__file__), "../scans/sarif/flawfinder.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/flawfinder.sarif"), encoding="utf-8") as testfile: parser = SarifParser() tests = parser.get_tests(parser.get_scan_types()[0], testfile) self.assertEqual(1, len(tests)) @@ -513,7 +514,7 @@ def test_flawfinder_interfacev2(self): self.assertEqual("https://cwe.mitre.org/data/definitions/120.html", finding.references) def test_appendix_k1_double_interfacev2(self): - with open(path.join(path.dirname(__file__), "../scans/sarif/appendix_k1_double.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/appendix_k1_double.sarif"), encoding="utf-8") as testfile: parser = SarifParser() tests = parser.get_tests(parser.get_scan_types()[0], testfile) self.assertEqual(2, len(tests)) @@ -529,7 +530,7 @@ def test_appendix_k1_double_interfacev2(self): self.assertEqual(0, len(findings)) def test_codeql_snippet_report(self): - with open(path.join(path.dirname(__file__), "../scans/sarif/codeQL-output.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/codeQL-output.sarif"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(72, len(findings)) @@ -555,7 +556,7 @@ def test_codeql_snippet_report(self): self.common_checks(finding) def test_severity_cvss_from_grype(self): - with open(path.join(path.dirname(__file__), "../scans/sarif/cxf-3.4.6.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/cxf-3.4.6.sarif"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(22, len(findings)) @@ -584,14 +585,14 @@ def test_get_fingerprints_hashes(self): ) def test_tags_from_result_properties(self): - with open(path.join(path.dirname(__file__), "../scans/sarif/taint-python-report.sarif"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/taint-python-report.sarif"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) item = findings[0] self.assertEqual(["Scan"], item.tags) def test_severity_in_properties(self): - with open(path.join(path.dirname(__file__), "../scans/sarif/issue_10191.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sarif/issue_10191.json"), encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(77, len(findings)) diff --git a/unittests/tools/test_sslyze_parser.py b/unittests/tools/test_sslyze_parser.py index fa879d91b42..05349de67a8 100644 --- a/unittests/tools/test_sslyze_parser.py +++ b/unittests/tools/test_sslyze_parser.py @@ -1,4 +1,5 @@ from os import path +from pathlib import Path from dojo.models import Test from dojo.tools.sslyze.parser import SslyzeParser @@ -7,19 +8,19 @@ class TestSslyzeJSONParser(DojoTestCase): def test_parse_json_file_with_one_target_has_zero_vuln_old(self): - with open(path.join(path.dirname(__file__), "../scans/sslyze/one_target_zero_vuln_old.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sslyze/one_target_zero_vuln_old.json"), encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_json_file_issue_9848(self): - with open(path.join(path.dirname(__file__), "../scans/sslyze/issue_9848.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sslyze/issue_9848.json"), encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) def test_parse_json_file_with_one_target_has_one_vuln_old(self): - with open(path.join(path.dirname(__file__), "../scans/sslyze/one_target_one_vuln_old.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sslyze/one_target_one_vuln_old.json"), encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) @@ -41,7 +42,7 @@ def test_parse_json_file_with_one_target_has_one_vuln_old(self): self.assertEqual(443, endpoint.port) def test_parse_json_file_with_one_target_has_four_vuln_old(self): - with open(path.join(path.dirname(__file__), "../scans/sslyze/one_target_many_vuln_old.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sslyze/one_target_many_vuln_old.json"), encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) @@ -54,20 +55,20 @@ def test_parse_json_file_with_one_target_has_four_vuln_old(self): self.assertEqual("CVE-2014-0224", findings[1].unsaved_vulnerability_ids[0]) def test_parse_json_file_with_two_target_has_many_vuln_old(self): - with open(path.join(path.dirname(__file__), "../scans/sslyze/two_targets_two_vuln_old.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sslyze/two_targets_two_vuln_old.json"), encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) def test_parse_json_file_with_one_target_has_zero_vuln_new(self): - with open(path.join(path.dirname(__file__), "../scans/sslyze/one_target_zero_vuln_new.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sslyze/one_target_zero_vuln_new.json"), encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_json_file_with_one_target_has_one_vuln_new(self): - with open(path.join(path.dirname(__file__), "../scans/sslyze/one_target_one_vuln_new.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sslyze/one_target_one_vuln_new.json"), encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) @@ -104,13 +105,13 @@ def test_parse_json_file_with_one_target_has_one_vuln_new(self): self.assertEqual(443, endpoint.port) def test_parse_json_file_with_one_target_has_three_vuln_new(self): - with open(path.join(path.dirname(__file__), "../scans/sslyze/one_target_many_vuln_new.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sslyze/one_target_many_vuln_new.json"), encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) def test_parse_json_file_with_two_target_has_many_vuln_new(self): - with open(path.join(path.dirname(__file__), "../scans/sslyze/two_targets_many_vuln_new.json"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sslyze/two_targets_many_vuln_new.json"), encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(5, len(findings)) @@ -159,7 +160,7 @@ def test_parse_json_file_with_two_target_has_many_vuln_new(self): class TestSSLyzeXMLParser(DojoTestCase): def test_parse_file_with_one_target_has_three_vuln(self): - with open(path.join(path.dirname(__file__), "../scans/sslyze/report_one_target_three_vuln.xml"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sslyze/report_one_target_three_vuln.xml"), encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -168,7 +169,7 @@ def test_parse_file_with_one_target_has_three_vuln(self): self.assertEqual(3, len(findings)) def test_parse_xml_file_with_one_target_has_one_vuln(self): - with open(path.join(path.dirname(__file__), "../scans/sslyze/report_one_target_one_vuln.xml"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sslyze/report_one_target_one_vuln.xml"), encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -177,7 +178,7 @@ def test_parse_xml_file_with_one_target_has_one_vuln(self): self.assertEqual(1, len(findings)) def test_parse_xml_file_with_one_target_has_three_vuln(self): - with open(path.join(path.dirname(__file__), "../scans/sslyze/report_one_target_three_vuln.xml"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sslyze/report_one_target_three_vuln.xml"), encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -186,7 +187,7 @@ def test_parse_xml_file_with_one_target_has_three_vuln(self): self.assertEqual(3, len(findings)) def test_parse_xml_file_with_two_target_has_many_vuln(self): - with open(path.join(path.dirname(__file__), "../scans/sslyze/report_two_target_many_vuln.xml"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/sslyze/report_two_target_many_vuln.xml"), encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_tenable_parser.py b/unittests/tools/test_tenable_parser.py index 6fee8e1c8fa..449510393cc 100644 --- a/unittests/tools/test_tenable_parser.py +++ b/unittests/tools/test_tenable_parser.py @@ -1,4 +1,5 @@ from os import path +from pathlib import Path from dojo.models import Engagement, Finding, Product, Test from dojo.tools.tenable.parser import TenableParser @@ -13,7 +14,7 @@ def create_test(self): return test def test_parse_some_findings_nessus_legacy(self): - with open(path.join(path.dirname(__file__), "../scans/tenable/nessus/nessus_many_vuln.xml"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/tenable/nessus/nessus_many_vuln.xml"), encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -30,7 +31,7 @@ def test_parse_some_findings_nessus_legacy(self): def test_parse_some_findings_csv_nessus_legacy(self): """Test one report provided by a user""" - with open(path.join(path.dirname(__file__), "../scans/tenable/nessus/nessus_many_vuln.csv"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/tenable/nessus/nessus_many_vuln.csv"), encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -60,7 +61,7 @@ def test_parse_some_findings_csv_nessus_legacy(self): def test_parse_some_findings_csv2_nessus_legacy(self): """Test that use default columns of Nessus Pro 8.13.1 (#257)""" - with open(path.join(path.dirname(__file__), "../scans/tenable/nessus/nessus_many_vuln2-default.csv"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/tenable/nessus/nessus_many_vuln2-default.csv"), encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -82,7 +83,7 @@ def test_parse_some_findings_csv2_nessus_legacy(self): def test_parse_some_findings_csv2_all_nessus_legacy(self): """Test that use a report with all columns of Nessus Pro 8.13.1 (#257)""" - with open(path.join(path.dirname(__file__), "../scans/tenable/nessus/nessus_many_vuln2-all.csv"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/tenable/nessus/nessus_many_vuln2-all.csv"), encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -104,19 +105,19 @@ def test_parse_some_findings_csv2_all_nessus_legacy(self): def test_parse_some_findings_csv_bytes_nessus_legacy(self): """This tests is designed to test the parser with different read modes""" - with open(path.join(path.dirname(__file__), "../scans/tenable/nessus/nessus_many_vuln2-all.csv"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/tenable/nessus/nessus_many_vuln2-all.csv"), encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: for endpoint in finding.unsaved_endpoints: endpoint.clean() - with open(path.join(path.dirname(__file__), "../scans/tenable/nessus/nessus_many_vuln2-all.csv"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/tenable/nessus/nessus_many_vuln2-all.csv"), encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: for endpoint in finding.unsaved_endpoints: endpoint.clean() - with open(path.join(path.dirname(__file__), "../scans/tenable/nessus/nessus_many_vuln2-all.csv"), "rb") as testfile: + with open(path.join(Path(__file__).parent, "../scans/tenable/nessus/nessus_many_vuln2-all.csv"), "rb") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -125,7 +126,7 @@ def test_parse_some_findings_csv_bytes_nessus_legacy(self): def test_parse_some_findings_samples_nessus_legacy(self): """Test that come from samples repo""" - with open(path.join(path.dirname(__file__), "../scans/tenable/nessus/nessus_v_unknown.xml"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/tenable/nessus/nessus_v_unknown.xml"), encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -156,7 +157,7 @@ def test_parse_some_findings_samples_nessus_legacy(self): def test_parse_some_findings_with_cvssv3_nessus_legacy(self): """Test with cvssv3""" - with open(path.join(path.dirname(__file__), "../scans/tenable/nessus/nessus_with_cvssv3.nessus"), encoding="utf-8") as testfile: + with open(path.join(Path(__file__).parent, "../scans/tenable/nessus/nessus_with_cvssv3.nessus"), encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: diff --git a/unittests/tools/test_twistlock_parser.py b/unittests/tools/test_twistlock_parser.py index 2934f0230db..b774c704625 100644 --- a/unittests/tools/test_twistlock_parser.py +++ b/unittests/tools/test_twistlock_parser.py @@ -1,4 +1,5 @@ from os import path +from pathlib import Path from dojo.models import Test from dojo.tools.twistlock.parser import TwistlockParser @@ -7,14 +8,14 @@ class TestTwistlockParser(DojoTestCase): def test_parse_file_with_no_vuln(self): - testfile = open(path.join(path.dirname(__file__), "../scans/twistlock/no_vuln.json"), encoding="utf-8") + testfile = open(path.join(Path(__file__).parent, "../scans/twistlock/no_vuln.json"), encoding="utf-8") parser = TwistlockParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln(self): - testfile = open(path.join(path.dirname(__file__), "../scans/twistlock/one_vuln.json"), encoding="utf-8") + testfile = open(path.join(Path(__file__).parent, "../scans/twistlock/one_vuln.json"), encoding="utf-8") parser = TwistlockParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -23,7 +24,7 @@ def test_parse_file_with_one_vuln(self): self.assertEqual("CVE-2013-7459", findings[0].unsaved_vulnerability_ids[0]) def test_parse_file_with_no_link(self): - testfile = open(path.join(path.dirname(__file__), "../scans/twistlock/one_vuln_no_link.json"), encoding="utf-8") + testfile = open(path.join(Path(__file__).parent, "../scans/twistlock/one_vuln_no_link.json"), encoding="utf-8") parser = TwistlockParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -32,14 +33,14 @@ def test_parse_file_with_no_link(self): self.assertEqual("PRISMA-2021-0013", findings[0].unsaved_vulnerability_ids[0]) def test_parse_file_with_many_vulns(self): - testfile = open(path.join(path.dirname(__file__), "../scans/twistlock/many_vulns.json"), encoding="utf-8") + testfile = open(path.join(Path(__file__).parent, "../scans/twistlock/many_vulns.json"), encoding="utf-8") parser = TwistlockParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(5, len(findings)) def test_parse_file_which_contain_packages_info(self): - testfile = open(path.join(path.dirname(__file__), "../scans/twistlock/findings_include_packages.json"), encoding="utf-8") + testfile = open(path.join(Path(__file__).parent, "../scans/twistlock/findings_include_packages.json"), encoding="utf-8") parser = TwistlockParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -47,7 +48,7 @@ def test_parse_file_which_contain_packages_info(self): def test_parse_file_prisma_twistlock_images_no_vuln(self): testfile = open( - path.join(path.dirname(__file__), "../scans/twistlock/scan_report_prisma_twistlock_images_no_vuln.csv"), encoding="utf-8", + path.join(Path(__file__).parent, "../scans/twistlock/scan_report_prisma_twistlock_images_no_vuln.csv"), encoding="utf-8", ) parser = TwistlockParser() findings = parser.get_findings(testfile, Test()) @@ -56,7 +57,7 @@ def test_parse_file_prisma_twistlock_images_no_vuln(self): def test_parse_file_prisma_twistlock_images_four_vulns(self): testfile = open( - path.join(path.dirname(__file__), "../scans/twistlock/scan_report_prisma_twistlock_images_four_vulns.csv"), encoding="utf-8", + path.join(Path(__file__).parent, "../scans/twistlock/scan_report_prisma_twistlock_images_four_vulns.csv"), encoding="utf-8", ) parser = TwistlockParser() findings = parser.get_findings(testfile, Test()) @@ -68,7 +69,7 @@ def test_parse_file_prisma_twistlock_images_four_vulns(self): def test_parse_file_prisma_twistlock_images_long_package_name(self): testfile = open( path.join( - path.dirname(__file__), "../scans/twistlock/scan_report_prisma_twistlock_images_long_package_name.csv", + Path(__file__).parent, "../scans/twistlock/scan_report_prisma_twistlock_images_long_package_name.csv", ), encoding="utf-8", ) parser = TwistlockParser()