Ruff: add FLY (#9757)

DefectDojo · Mar 27, 2024 · 15b8f16 · 15b8f16
1 parent 272bde8
commit 15b8f16
Show file tree

Hide file tree

Showing 12 changed files with 14 additions and 61 deletions.
diff --git a/dojo/models.py b/dojo/models.py
@@ -1912,7 +1912,7 @@ def from_uri(uri):
             if v is None:
                 query_parts.append(k)
             else:
-                query_parts.append(u"=".join([k, v]))
+                query_parts.append(f"{k}={v}")
         query_string = u"&".join(query_parts)
 
         protocol = url.scheme if url.scheme != '' else None

diff --git a/dojo/tools/contrast/parser.py b/dojo/tools/contrast/parser.py
@@ -80,11 +80,7 @@ def get_findings(self, filename, test):
                 )
 
             dupe_key = hashlib.sha256(
-                "|".join(
-                    [
-                        finding.vuln_id_from_tool,
-                    ]
-                ).encode("utf-8")
+                f"{finding.vuln_id_from_tool}".encode("utf-8")
             ).digest()
 
             if dupe_key in dupes:

diff --git a/dojo/tools/generic/parser.py b/dojo/tools/generic/parser.py
@@ -232,13 +232,7 @@ def _get_findings_csv(self, filename):
 
             # manage internal de-duplication
             key = hashlib.sha256(
-                "|".join(
-                    [
-                        finding.severity,
-                        finding.title,
-                        finding.description,
-                    ]
-                ).encode("utf-8")
+                f"{finding.severity}|{finding.title}|{finding.description}".encode("utf-8")
             ).hexdigest()
             if key in dupes:
                 find = dupes[key]

diff --git a/dojo/tools/gitlab_dast/parser.py b/dojo/tools/gitlab_dast/parser.py
@@ -34,9 +34,7 @@ def get_items(self, tree, test):
             item = self.get_item(node, test, scanner)
 
             item_key = hashlib.sha256(
-                "|".join(
-                    [item.severity, item.title, item.description]
-                ).encode()
+                f"{item.severity}|{item.title}|{item.description}".encode()
             ).hexdigest()
 
             if item_key in items:

diff --git a/dojo/tools/microfocus_webinspect/parser.py b/dojo/tools/microfocus_webinspect/parser.py
@@ -82,13 +82,7 @@ def get_findings(self, file, test):
 
                 # make dupe hash key
                 dupe_key = hashlib.sha256(
-                    "|".join(
-                        [
-                            finding.description,
-                            finding.title,
-                            finding.severity,
-                        ]
-                    ).encode("utf-8")
+                    f"{finding.description}|{finding.title}|{finding.severity}".encode("utf-8")
                 ).hexdigest()
                 # check if dupes are present.
                 if dupe_key in dupes:

diff --git a/dojo/tools/pmd/parser.py b/dojo/tools/pmd/parser.py
@@ -54,14 +54,7 @@ def get_findings(self, filename, test):
             finding.mitigation = "No mitigation provided"
 
             key = hashlib.sha256(
-                "|".join(
-                    [
-                        finding.title,
-                        finding.description,
-                        finding.file_path,
-                        finding.line,
-                    ]
-                ).encode("utf-8")
+                f"{finding.title}|{finding.description}|{finding.file_path}|{finding.line}".encode("utf-8")
             ).hexdigest()
 
             if key not in dupes:

diff --git a/dojo/tools/spotbugs/parser.py b/dojo/tools/spotbugs/parser.py
@@ -123,13 +123,7 @@ def get_findings(self, filename, test):
             if "instanceHash" in bug.attrib:
                 dupe_key = bug.get("instanceHash")
             else:
-                dupe_key = "|".join(
-                    [
-                        "no_instance_hash",
-                        title,
-                        description,
-                    ]
-                )
+                dupe_key = f"no_instance_hash|{title}|{description}"
 
             if dupe_key in dupes:
                 find = dupes[dupe_key]

diff --git a/dojo/tools/trivy/parser.py b/dojo/tools/trivy/parser.py
@@ -206,13 +206,7 @@ def get_result_items(self, test, results, service_name=None, artifact_name=""):
                 else:
                     cwe = 0
                 type = target_data.get("Type", "")
-                title = " ".join(
-                    [
-                        vuln_id,
-                        package_name,
-                        package_version,
-                    ]
-                )
+                title = f"{vuln_id} {package_name} {package_version}"
                 description = DESCRIPTION_TEMPLATE.format(
                     title=vuln.get("Title", ""),
                     target=target,

diff --git a/dojo/tools/trivy_operator/parser.py b/dojo/tools/trivy_operator/parser.py
@@ -59,9 +59,9 @@ def get_findings(self, scan_file, test):
         resource_kind = labels.get("trivy-operator.resource.kind", "")
         resource_name = labels.get("trivy-operator.resource.name", "")
         container_name = labels.get("trivy-operator.container.name", "")
-        service = "/".join([resource_namespace, resource_kind, resource_name])
+        service = f"{resource_namespace}/{resource_kind}/{resource_name}"
         if container_name != "":
-            service = "/".join([service, container_name])
+            service = f"{service}/{container_name}"
 
         report = data.get("report", None)
         if report is None:
@@ -111,13 +111,7 @@ def get_findings(self, scan_file, test):
                 description = DESCRIPTION_TEMPLATE.format(
                     title=vulnerability.get("title"), fixed_version=mitigation
                 )
-                title = " ".join(
-                    [
-                        vuln_id,
-                        package_name,
-                        package_version,
-                    ]
-                )
+                title = f"{vuln_id} {package_name} {package_version}"
                 finding = Finding(
                     test=test,
                     title=title,

diff --git a/dojo/tools/trustwave/parser.py b/dojo/tools/trustwave/parser.py
@@ -60,9 +60,7 @@ def get_findings(self, filename, test):
             finding.unsaved_vulnerability_ids = [row.get("CVE")]
 
             dupes_key = hashlib.sha256(
-                "|".join(
-                    [finding.severity, finding.title, finding.description]
-                ).encode()
+                f"{finding.severity}|{finding.title}|{finding.description}".encode()
             ).hexdigest()
 
             if dupes_key in dupes:

diff --git a/dojo/tools/trustwave_fusion_api/parser.py b/dojo/tools/trustwave_fusion_api/parser.py
@@ -30,9 +30,7 @@ def get_findings(self, file, test):
             item = get_item(node, test)
 
             item_key = hashlib.sha256(
-                "|".join(
-                    [item.severity, item.title, item.description]
-                ).encode()
+                f"{item.severity}|{item.title}|{item.description}".encode()
             ).hexdigest()
 
             if item_key in items:

diff --git a/pyproject.toml b/pyproject.toml
@@ -2,7 +2,7 @@
  # Enable the pycodestyle (`E`) and Pyflakes (`F`) rules by default.
  # Unlike Flake8, Ruff doesn't enable pycodestyle warnings (`W`) or
  # McCabe complexity (`C901`) by default.
- lint.select = ["E", "F"]
+ lint.select = ["E", "F", "FLY"]
  lint.ignore = ["E501", "E722", "F821"]
 
  # Allow autofix for all enabled rules (when `--fix`) is provided.