
Ruff: Add and fix multiple flake8-use-pathlib #11099

Merged: 1 commit into DefectDojo:dev, Nov 5, 2024

Conversation

manuel-sommer (Contributor)

PTH101
PTH102
PTH103
PTH104
PTH105
PTH106
PTH107
PTH108
PTH109
PTH110
PTH111
PTH114
PTH115
PTH116
PTH117
PTH119
PTH121
PTH124


dryrunsecurity bot commented Oct 21, 2024

DryRun Security Summary

The GitHub Pull Request focuses on improving the overall code quality, maintainability, and security of the DefectDojo application, including file handling improvements, JIRA integration enhancements, test suite improvements, and linter configuration updates.


Summary:

The changes in this GitHub Pull Request focus on improving the overall code quality, maintainability, and security of the DefectDojo application. The key updates include:

  1. File Handling Improvements: The code changes replace the use of older file handling functions (e.g., os.remove(), os.mkdir()) with more modern and secure alternatives from the pathlib module. This helps ensure better cross-platform compatibility and reduces the risk of potential file-related vulnerabilities.

  2. JIRA Integration Enhancements: The changes to the dojo/jira_link/helper.py file improve the reliability and robustness of the file attachment process when integrating with JIRA. This indirectly enhances the overall security of the application by ensuring that findings and other relevant information are properly synced between the application and JIRA.

  3. Test Suite Improvements: The updates to the test suite, such as the tests/Import_scanner_test.py file, focus on improving the security and reliability of the scan import functionality. This includes verifying the correct handling of various scan types and ensuring that the import process can gracefully handle edge cases.

  4. Linter Configuration Updates: The changes to the ruff.toml file demonstrate the development team's commitment to improving code quality and security by configuring the Ruff linter to enforce various code style and quality rules.

Overall, these changes reflect a proactive approach to enhancing the security and maintainability of the DefectDojo application. While the updates do not directly address any specific security vulnerabilities, they contribute to a more robust and secure codebase by improving file handling, JIRA integration, test coverage, and code quality practices.

Files Changed:

  1. dojo/utils.py: The changes in this file improve the handling of uploaded threat model files by using the pathlib.Path module to create the necessary directory and standardize the file naming.
  2. dojo/views.py: The updates in this file replace the use of os.remove() with the more secure Path().unlink() for removing files, and include a section to remove "orphan" files that are not associated with any Engagement, Test, or Finding.
  3. dojo/jira_link/helper.py: The changes in this file improve the reliability of the file attachment process when integrating with JIRA by using the Path().name approach to get the correct file name.
  4. dojo/models.py: The refactoring in this file replaces the use of os.path.basename() with Path(self.path.name).name to handle file names more robustly.
  5. tests/finding_test.py: The update in this file replaces os.remove(file_name) with Path(file_name).unlink() to delete files in a more secure and cross-platform manner.
  6. tests/Import_scanner_test.py: The changes in this file focus on improving the setup and testing of the scan import functionality, including better path handling, scan type mapping, and error handling.
  7. ruff.toml: The updates to this configuration file demonstrate the development team's commitment to improving code quality and security by configuring the Ruff linter to enforce various code style and quality rules.

Code Analysis

We ran 9 analyzers against 7 files and 1 analyzer had findings. 8 analyzers had no findings.

Analyzer findings: Configured Codepaths Analyzer, 4 findings.

Riskiness

🔴 Risk threshold exceeded.

We've notified @mtesauro, @grendel513.

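The file-handling changes the bot summary describes (os.remove() to Path().unlink(), directory creation via pathlib, and os.path.basename() to Path(...).name for uploaded file names) are shown below as an added example. It is not DefectDojo's code and not part of this pull request; the function names, the temporary directory and the sample file names are constructed for the illustration. It goes slightly beyond the PR by rejecting the names "", "." and ".." that both os.path.basename and Path().name pass through unchanged, and by checking that the written path stays inside the upload directory.

```python
"""Added example (not DefectDojo code): the os -> pathlib migration the PR
performs, with the behaviour that matters for client-supplied file names made
explicit. Names and paths below are hypothetical."""
import tempfile
from pathlib import Path


def base_name(uploaded_name: str) -> str:
    """Return only the final path component of a client-supplied file name.

    Path(name).name, like os.path.basename(name), drops leading directories,
    so '../../etc/passwd' collapses to 'passwd'. Both also return '..' for
    '..' and '' for '', so those are rejected here (an addition beyond the PR).
    Caveat: on POSIX a backslash is not a separator, so 'a\\b' keeps its name;
    if clients may send Windows-style names, normalise them first.
    """
    name = Path(uploaded_name).name
    if name in ("", ".", ".."):
        raise ValueError(f"unusable file name: {uploaded_name!r}")
    return name


def store_upload(base_dir: Path, uploaded_name: str, data: bytes) -> Path:
    """Create the target directory and write the upload under its sanitised name.

    Path.mkdir(parents=True, exist_ok=True) replaces os.makedirs(..., exist_ok=True).
    """
    base_dir.mkdir(parents=True, exist_ok=True)
    target = base_dir / base_name(uploaded_name)
    target.write_bytes(data)
    return target


def remove_file(path: Path) -> bool:
    """os.remove() replacement: delete the file if present, report whether it existed."""
    try:
        path.unlink()
    except FileNotFoundError:
        return False
    return True


def is_inside(base_dir: Path, candidate: Path) -> bool:
    """True when the resolved candidate path lies within base_dir."""
    try:
        candidate.resolve().relative_to(base_dir.resolve())
    except ValueError:
        return False
    return True


def demo() -> dict:
    """Run the round trip in a throwaway directory and return what happened."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp) / "threat"
        # A constructed traversal-looking name: only 'outside.txt' survives.
        written = store_upload(base, "../../outside.txt", b"x")
        return {
            "name": written.name,
            "inside": is_inside(base, written),
            "removed_first": remove_file(written),
            "removed_second": remove_file(written),
        }


if __name__ == "__main__":
    print(demo())
```

The second remove_file() call returns False rather than raising, which is the behaviour os.remove() would also have surfaced as a FileNotFoundError; callers that want the exception can use path.unlink() directly.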

mtesauro (Contributor) left a comment:

Approved

@mtesauro mtesauro merged commit e6447df into DefectDojo:dev Nov 5, 2024
72 of 73 checks passed
@manuel-sommer manuel-sommer deleted the add_ruff_PTH branch November 5, 2024 07:40