Skip to content

Ruff: Add PLW#13104

Merged
mtesauro merged 2 commits intoDefectDojo:devfrom
manuel-sommer:PLW
Sep 5, 2025
Merged

Ruff: Add PLW#13104
mtesauro merged 2 commits intoDefectDojo:devfrom
manuel-sommer:PLW

Conversation

@manuel-sommer
Copy link
Copy Markdown
Contributor

@manuel-sommer manuel-sommer commented Sep 4, 2025

No description provided.

@github-actions github-actions Bot added the lint label Sep 4, 2025
@dryrunsecurity
Copy link
Copy Markdown

dryrunsecurity Bot commented Sep 4, 2025
edited
Loading

DryRun Security

🔴 Risk threshold exceeded.

This pull request includes edits to the sensitive file dojo/models.py (detected twice) which were flagged as failing by the configured codepaths rule; these findings are non-blocking. The scanner notes that sensitive paths and allowed authors can be configured in .dryrunsecurity.yaml.

🔴 Configured Codepaths Edit in dojo/models.py
Vulnerability Configured Codepaths Edit
Description Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml.
🔴 Configured Codepaths Edit in dojo/models.py
Vulnerability Configured Codepaths Edit
Description Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml.

We've notified @mtesauro.

All finding details can be found in the DryRun Security Dashboard.

Maffooch
Maffooch previously approved these changes Sep 4, 2025
View reviewed changes
@Maffooch Maffooch dismissed their stale review September 4, 2025 15:57

I am second guessing myself on this one. Going to test in an instance first

@Maffooch Maffooch self-requested a review September 4, 2025 15:57
Maffooch
Maffooch requested changes Sep 4, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@Maffooch Maffooch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was pretty sure that changing the variable and never doing anything would work, but wanted to double check. Since the values supplied by apply_cwe_to_template are directly on the object passed as the arg, we really don't need the finding returned at all. I think it would be pretty to remove it altogether. If it confused me, it will confuse others was well that are looking at this function

Comment thread dojo/models.py Outdated
mtesauro
mtesauro approved these changes Sep 4, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@mtesauro mtesauro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved

@mtesauro mtesauro merged commit d41ceaf into DefectDojo:dev Sep 5, 2025
84 checks passed
@manuel-sommer manuel-sommer deleted the PLW branch September 5, 2025 20:43
@valentijnscholten valentijnscholten added this to the 2.50.1 milestone Sep 9, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mtesauro mtesauro mtesauro approved these changes

@paulOsinski paulOsinski paulOsinski approved these changes

@Maffooch Maffooch Maffooch approved these changes

@Jino-T Jino-T Jino-T approved these changes

Assignees

No one assigned

Labels

lint

Projects

None yet

Milestone

2.50.1

Development

Successfully merging this pull request may close these issues.

6 participants

@manuel-sommer @mtesauro @paulOsinski @Maffooch @Jino-T @valentijnscholten