Ruff: Fix RUF051 #11497

Merged: 1 commit, Jan 15, 2025
@kiblik kiblik commented Jan 3, 2025

Fix RUF051. Enabler for #11490.

dryrunsecurity bot commented Jan 3, 2025

DryRun Security Summary

The pull request focuses on improving the usability and maintainability of Defect Dojo's forms by removing the exclude_product_types field, enhancing form parameter handling, and making conditional changes to the FindingForm without introducing apparent security vulnerabilities.

Summary:

The code changes in this pull request are focused on improving the usability and maintainability of the Defect Dojo application's forms, with a consideration for security-relevant features. The key changes include the removal of the exclude_product_types field from the MetricsFilterForm, improvements to the __init__ method in various forms to ensure proper handling of form parameters, and changes to the FindingForm related to risk acceptance and SLA tracking. From an application security perspective, these changes do not introduce any obvious security vulnerabilities, but it's important to ensure that the filtering functionality in the MetricsFilterForm is thoroughly tested to verify that it still meets the application's security requirements. Overall, the changes appear to be a positive step towards enhancing the security and usability of the Defect Dojo application.

Files Changed:

  • dojo/forms.py: This file contains various Django forms used in the Defect Dojo application. The key changes include:
    • Removal of the exclude_product_types field from the MetricsFilterForm, which may impact the filtering functionality for metrics.
    • Improvements to the __init__ method in various forms to ensure proper handling of form parameters, such as using the kwargs.pop method to remove the form_tag and question parameters.
    • Changes to the FindingForm, including conditional display of the risk_accepted field based on the product's settings and the finding's risk acceptance status, disabling the sla_start_date and sla_expiration_date fields, and conditionally displaying the group field based on whether finding groups are enabled.

Code Analysis

We ran 9 analyzers against 1 file and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

@mtesauro mtesauro left a comment

Approved

@mtesauro mtesauro merged commit a9a3642 into DefectDojo:dev Jan 15, 2025
72 checks passed
@kiblik kiblik deleted the ruff_RUF051 branch January 15, 2025 07:56