
Ruff: Add and fix PLW0127 #11642

Open · wants to merge 1 commit into base: dev

Conversation

kiblik (Contributor) commented Jan 24, 2025

Add rule PLW0127 and fix it

dryrunsecurity bot commented Jan 24, 2025

DryRun Security Summary

The code changes primarily focus on enhancing various security tool parsers in Defect Dojo by improving their robustness, accuracy, and efficiency in handling different report formats, vulnerability information extraction, and severity mapping, while also updating code quality standards through linter configurations.


Summary:

The provided code changes cover updates to several Python-based parsers used in the Defect Dojo application security platform. These parsers are responsible for integrating the results of various security scanning tools, such as Anchore, Govulncheck, NPM Audit, and Mend, into the Defect Dojo system.

The changes do not introduce any obvious security vulnerabilities, but they do focus on improving the robustness, accuracy, and efficiency of the parsing functionality. This includes enhancements like handling different report formats, improving vulnerability information extraction, deduplicating findings, and mapping severity levels to standardized formats.

Additionally, the changes to the Ruff linter configuration file suggest a focus on improving code quality and consistency, which can indirectly benefit the overall security of the application by helping to identify potential security issues.

Files Changed:

  1. dojo/tools/dsop/parser.py: The changes remove a redundant assignment of the severity variable, which does not appear to have any significant security implications.

  2. dojo/tools/govulncheck/parser.py: The changes simplify the assignment of the filename variable, which is also a non-security-related change.

  3. dojo/tools/npm_audit_7_plus/parser.py: The changes enhance the parsing of NPM Audit v7+ scan results, including improved vulnerability information extraction, severity mapping, and vulnerability uniqueness handling. These changes strengthen the integration of the NPM Audit tool into the Defect Dojo platform.

  4. dojo/tools/mend/parser.py: The changes improve the handling and parsing of Mend scan reports, including support for different report formats, vulnerability information extraction, deduplication, and mapping of severity levels. These changes enhance the ability to integrate Mend scan results into the Defect Dojo system.

  5. ruff.toml: The changes update the Ruff linter configuration file to include a new code rule, "PLW0127", which is likely a quality or style-related check. While this does not have a direct security impact, it demonstrates a focus on improving the overall code quality and consistency.

Code Analysis

We ran 9 analyzers against 5 files and 0 analyzers had findings. 9 analyzers had no findings.


kiblik requested a review from Maffooch on January 25, 2025 10:14

mtesauro (Contributor) left a comment

Approved

Contributor commented

This pull request has conflicts; please resolve those before we can evaluate the pull request.

Contributor commented

Conflicts have been resolved. A maintainer will review the pull request shortly.

3 participants