Conversation

@kiblik kiblik commented Jan 24, 2025

Add rule PLW0127 and fix it

dryrunsecurity bot commented Jan 24, 2025

DryRun Security Summary

The code changes encompass minor optimizations and bug fixes across multiple Python files related to security scanning tool parsers, including improvements to compliance result parsing, location handling, and vulnerability information extraction, with no significant security implications.

Summary:

The provided code changes cover several Python files related to different security scanning tools and their corresponding parsers. The changes appear to be mostly minor optimizations and bug fixes, with no significant security implications. However, it's important to review the overall functionality of these parsers to ensure they are effectively handling and processing security-related information.

The key changes include:

  1. Removal of redundant code in the __parse_anchore_compliance function of the parser.py file, which handles parsing Anchore compliance results.
  2. Improvements to the handling of the locations list in the _build_common_output function of the mend/parser.py file, ensuring the output does not exceed a specific character limit.
  3. Minor fixes to the get_item() function in the npm_audit_7_plus/parser.py file, which is responsible for parsing the output of the NPM Audit tool.
  4. A minor change to the get_finding_trace_info function in the govulncheck/parser.py file, which handles parsing the output of the Govulncheck scanner for Go applications.
  5. An update to the ruff.toml configuration file, adding a new linting rule to the Ruff linter.

Overall, these changes appear to be focused on improving the functionality and robustness of the various security scanning tool parsers, without introducing any significant security vulnerabilities. However, it's important to ensure that the parsers are properly handling and processing security-related information, as they play a crucial role in the application's overall security posture.

Files Changed:

  1. dojo/tools/dsop/parser.py: The changes in this file are related to the __parse_anchore_compliance function, which handles parsing the "Anchore Compliance Results" sheet in an XLSX file. The changes remove a redundant line of code and do not introduce any security implications.

  2. dojo/tools/mend/parser.py: The changes in this file are focused on the _build_common_output function, which handles the locations list. The changes ensure that the total length of the concatenated locations does not exceed a specific character limit, which is an important security enhancement.

  3. dojo/tools/npm_audit_7_plus/parser.py: The changes in this file are minor, removing a redundant variable assignment in the get_item() function. The overall parser functionality appears to be well-designed for handling the output of the NPM Audit tool.

  4. dojo/tools/govulncheck/parser.py: The changes in this file are a minor fix to the variable assignment in the get_finding_trace_info function, which is responsible for extracting vulnerability information from the Govulncheck scanner output.

  5. ruff.toml: The changes in this file update the ruff.toml configuration, adding a new linting rule to the Ruff linter. This change is not directly related to security, but it can help improve the overall code quality and maintainability of the project.

Code Analysis

We ran 9 analyzers against 5 files and 0 analyzers had findings. 9 analyzers had no findings.

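The rule this PR enables, PLW0127 (self-assigning-variable), flags statements such as `title = title`, which is what the "redundant variable assignment" fixes listed above are. The following is an added example, written for this page and not DefectDojo's or Ruff's code: it approximates the check with Python's standard `ast` module, reports each self-assigned name with its line, and strips statements that consist only of self-assignments, which is the manual fix applied here. The module `SAMPLE`, the function name `build_item` and the simplified scope handling (every scope is walked the same way) are constructed assumptions, not a description of Ruff's implementation.

```python
"""Approximation of Ruff rule PLW0127 (self-assigning-variable) with ``ast``.

Added example; not DefectDojo's code and not Ruff's implementation. It flags an
Assign or AnnAssign whose target name also appears in the same position on the
right-hand side. Scope handling is simplified (assumption) and may differ from
Ruff's.
"""
from __future__ import annotations

import ast

# Constructed sample module exercising the patterns; not code from the PR.
SAMPLE = '''
def build_item(raw):
    title = raw["name"]
    title = title          # PLW0127: plain self-assignment
    x, y = x, y            # PLW0127: tuple self-assignment, both names
    a, b = b, a            # swap, legitimate
    count: int = count     # PLW0127: annotated self-assignment
    return title
'''


def _names(node: ast.AST) -> list[str] | None:
    """Plain names in a Name, or in a Tuple/List made only of Names; None otherwise."""
    if isinstance(node, ast.Name):
        return [node.id]
    if isinstance(node, (ast.Tuple, ast.List)):
        names = []
        for elt in node.elts:
            if not isinstance(elt, ast.Name):
                return None
            names.append(elt.id)
        return names
    return None


def _analyse(node: ast.AST) -> tuple[list[str], int] | None:
    """For an assignment statement, return (self-assigned names, total target names)."""
    if isinstance(node, ast.Assign):
        targets, value = node.targets, node.value
    elif isinstance(node, ast.AnnAssign) and node.value is not None:
        targets, value = [node.target], node.value
    else:
        return None
    rhs = _names(value)
    if rhs is None:
        return None  # call, literal, attribute, ...: never a self-assignment
    flagged: list[str] = []
    total = 0
    for target in targets:
        lhs = _names(target)
        if lhs is None or len(lhs) != len(rhs):
            return None  # attribute/subscript target or unpacking mismatch
        total += len(lhs)
        # Positional comparison: ``a, b = b, a`` is a swap, not a self-assignment.
        flagged.extend(left for left, right in zip(lhs, rhs) if left == right)
    return flagged, total


def find_self_assignments(source: str) -> list[tuple[int, str]]:
    """Return (line, name) for every self-assigned name, sorted by line."""
    hits: list[tuple[int, str]] = []
    for node in ast.walk(ast.parse(source)):
        result = _analyse(node)
        if result is not None:
            hits.extend((node.lineno, name) for name in result[0])
    return sorted(hits)


def strip_self_assignments(source: str) -> str:
    """Drop statements that are entirely self-assignments (the manual fix).

    Chained forms such as ``a = b = a`` are reported but kept, because
    removing the statement would also drop the assignment to ``b``.
    """
    lines = source.splitlines(keepends=True)
    drop: set[int] = set()
    for node in ast.walk(ast.parse(source)):
        result = _analyse(node)
        if result is not None and result[1] > 0 and len(result[0]) == result[1]:
            # end_lineno covers multi-line statements; statements sharing a
            # line via ';' are not handled by this line-based removal.
            drop.update(range(node.lineno, node.end_lineno + 1))
    return "".join(line for i, line in enumerate(lines, start=1) if i not in drop)


if __name__ == "__main__":
    for lineno, name in find_self_assignments(SAMPLE):
        print(f"sample:{lineno}: PLW0127 self-assignment of `{name}`")
```

Running the module lists the three flagged lines of `SAMPLE` and leaves the swap alone. In a real project the check is simply enabled by adding `"PLW0127"` to Ruff's `select` or `extend-select` list in ruff.toml, which is what the `ruff.toml` change in this PR does.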

@kiblik kiblik requested a review from Maffooch January 25, 2025 10:14
@mtesauro mtesauro left a comment

Approved

This pull request has conflicts, please resolve those before we can evaluate the pull request.

Conflicts have been resolved. A maintainer will review the pull request shortly.

github-actions bot commented Feb 6, 2025

This pull request has conflicts, please resolve those before we can evaluate the pull request.

github-actions bot commented Feb 6, 2025

Conflicts have been resolved. A maintainer will review the pull request shortly.

@Maffooch Maffooch merged commit 4306a58 into DefectDojo:dev Feb 6, 2025
73 checks passed
@kiblik kiblik deleted the ruff_PLW0127 branch February 6, 2025 19:53
5 participants