-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ruff: Add and fix S110 (+ merge all S1 rules) #11256
Conversation
DryRun Security SummaryThis pull request covers a variety of code changes in the DefectDojo application, focusing on improving error handling, input validation, logging, and security-related features across different components of the application, with the goal of enhancing the overall security posture of the application. Expand for full summarySummary: The code changes in this pull request cover a variety of files and functionality within the DefectDojo application, a popular open-source web application for managing the software vulnerability lifecycle. The changes focus on improving error handling, input validation, logging, and security-related features across different components of the application. Key security-related improvements include:
While the changes do not introduce any obvious security vulnerabilities, it's crucial to continue reviewing the entire codebase and considering the broader context of the application to identify and address any potential security risks. Files Changed:
Code AnalysisWe ran
|
586b87c
to
f8660e5
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Instead of passing, could we get by on logging the exception? That seems safer than removing the exception handling altogether
In general, I do not consider "suppressing exceptions and replacing them with writing to error log" as the best approach. Admins usually check logs only if there is wrong behavior or if they have some smart rules in their central monitoring. Simple ignoring of errors is not the best. I made rewrites and I suppose I solved most of the cases which might be problematic.
But I’m happy for any feedback. |
This pull request has conflicts, please resolve those before we can evaluate the pull request. |
Conflicts have been resolved. A maintainer will review the pull request shortly. |
@Maffooch, how do you see this PR? Do you accept my adjustments and reasonings? |
Confirmed with Cody that he's good with the changes made
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approved
Add and fix https://docs.astral.sh/ruff/rules/try-except-pass/