Ruff: Add and fix S110 (+ merge all S1 rules)

dojo/benchmark/views.py

@@ -37,10 +37,8 @@ def add_benchmark(queryset, product):
         benchmark_product.control = requirement
         requirements.append(benchmark_product)
 
-    try:
-        Benchmark_Product.objects.bulk_create(requirements)
-    except Exception:
-        pass
+    # TODO: This code might need better exception handling or data processing
+    Benchmark_Product.objects.bulk_create(requirements)
 
 
 @user_is_authorized(Product, Permissions.Benchmark_Edit, "pid")

dojo/cred/views.py

@@ -585,10 +585,8 @@ def new_cred_finding(request, fid):
 @user_is_authorized(Cred_User, Permissions.Credential_Delete, "ttid")
 def delete_cred_controller(request, destination_url, id, ttid):
     cred = None
-    try:
-        cred = Cred_Mapping.objects.get(pk=ttid)
-    except:
-        pass
+    # TODO: This code might need better exception handling or data processing
+    cred = Cred_Mapping.objects.get(pk=ttid)
     if request.method == "POST":
         tform = CredMappingForm(request.POST, instance=cred)
         message = ""

dojo/finding/helper.py

@@ -171,14 +171,12 @@ def create_finding_group(finds, finding_group_name):
 
     # if user provided a name, we use that, else:
     # if we have components, we may set a nice name but catch 'name already exist' exceptions
-    try:
-        if finding_group_name:
-            finding_group.name = finding_group_name
-        elif finding_group.components:
-            finding_group.name = finding_group.components
-        finding_group.save()
-    except:
-        pass
+    # TODO: This code might need better exception handling or data processing
+    if finding_group_name:
+        finding_group.name = finding_group_name
+    elif finding_group.components:
+        finding_group.name = finding_group.components
+    finding_group.save()
 
     added = len(available_findings)
     skipped = len(finds) - added

dojo/middleware.py

@@ -1,5 +1,6 @@
 import logging
 import re
+from contextlib import suppress
 from threading import local
 from urllib.parse import quote
 
@@ -56,13 +57,10 @@ def __call__(self, request):
 
         if request.user.is_authenticated:
             logger.debug("Authenticated user: %s", str(request.user))
-            try:
+            with suppress(ModuleNotFoundError):  # to avoid unittests to fail
                 uwsgi = __import__("uwsgi", globals(), locals(), ["set_logvar"], 0)
                 # this populates dd_user log var, so can appear in the uwsgi logs
                 uwsgi.set_logvar("dd_user", str(request.user))
-            except:
-                # to avoid unittests to fail
-                pass
             path = request.path_info.lstrip("/")
             from dojo.models import Dojo_User
             if Dojo_User.force_password_reset(request.user) and path != "change_password":

dojo/product/views.py

@@ -964,11 +964,8 @@ def edit_product(request, pid):
 
             if get_system_setting("enable_github") and github_inst:
                 gform = GITHUB_Product_Form(request.POST, instance=github_inst)
-                # need to handle delete
-                try:
-                    gform.save()
-                except:
-                    pass
+                # TODO: This code might need better exception handling or data processing
+                gform.save()
             elif get_system_setting("enable_github"):
                 gform = GITHUB_Product_Form(request.POST)
                 if gform.is_valid():

dojo/templatetags/display_tags.py

@@ -429,13 +429,11 @@ def pic_token(context, image, size):
 
 @register.filter
 def inline_image(image_file):
-    try:
-        if img_type := mimetypes.guess_type(image_file.file.name)[0]:
-            if img_type.startswith("image/"):
-                img_data = base64.b64encode(image_file.file.read())
-                return f"data:{img_type};base64, {img_data.decode('utf-8')}"
-    except:
-        pass
+    # TODO: This code might need better exception handling or data processing
+    if img_type := mimetypes.guess_type(image_file.file.name)[0]:
+        if img_type.startswith("image/"):
+            img_data = base64.b64encode(image_file.file.read())
+            return f"data:{img_type};base64, {img_data.decode('utf-8')}"
     return ""
 
 

dojo/tools/gitlab_api_fuzzing/parser.py

@@ -28,12 +28,10 @@ def get_findings(self, file, test):
             title = vulnerability["name"]
             severity = self.normalise_severity(vulnerability["severity"])
             description = vulnerability.get("category", "")
-            try:
-                location = vulnerability["location"]
-                description += "\n" + location["crash_type"]
-                description += "\n" + location["crash_state"]
-            except:
-                pass
+            # TODO: This code might need better exception handling or data processing or data processing
+            location = vulnerability["location"]
+            description += "\n" + location["crash_type"]
+            description += "\n" + location["crash_state"]
             findings.append(
                 Finding(
                     title=title,

dojo/tools/h1/parser.py

@@ -121,24 +121,20 @@ def build_description(self, content):
             description += f"Triaged: {triaged_date}\n"
 
         # Try to grab CVSS
-        try:
-            cvss = content["relationships"]["severity"]["data"]["attributes"]["score"]
-            description += f"CVSS: {cvss}\n"
-        except Exception:
-            pass
+        # TODO: This code might need better exception handling or data processing
+        cvss = content["relationships"]["severity"]["data"]["attributes"]["score"]
+        description += f"CVSS: {cvss}\n"
 
         # Build rest of description meat
         description += "##Report: \n{}\n".format(
             content["attributes"]["vulnerability_information"],
         )
 
         # Try to grab weakness if it's there
-        try:
-            weakness_title = content["relationships"]["weakness"]["data"]["attributes"]["name"]
-            weakness_desc = content["relationships"]["weakness"]["data"]["attributes"]["description"]
-            description += f"\n##Weakness: {weakness_title}\n{weakness_desc}"
-        except Exception:
-            pass
+        # TODO: This code might need better exception handling or data processing
+        weakness_title = content["relationships"]["weakness"]["data"]["attributes"]["name"]
+        weakness_desc = content["relationships"]["weakness"]["data"]["attributes"]["description"]
+        description += f"\n##Weakness: {weakness_title}\n{weakness_desc}"
 
         return description
 

dojo/tools/kiuwan/parser.py

@@ -104,10 +104,8 @@ def get_findings(self, filename, test):
             finding.mitigation = "Not provided!"
             finding.severity = findingdict["severity"]
             finding.static_finding = True
-            try:
-                finding.cwe = int(row["CWE"])
-            except Exception:
-                pass
+            # TODO: This code might need better exception handling or data processing
+            finding.cwe = int(row["CWE"])
 
             if finding is not None:
                 if finding.title is None:

dojo/tools/veracode/json_parser.py

@@ -85,13 +85,11 @@ def get_items(self, tree, test):
             if not finding:
                 continue
             # Set the date of the finding from the report if it is present
-            try:
-                if settings.USE_FIRST_SEEN:
-                    finding.date = parser.parse(vuln.get("finding_status", {}).get("first_found_date", ""))
-                else:
-                    finding.date = parser.parse(vuln.get("finding_status", {}).get("last_found_date", ""))
-            except Exception:
-                pass
+            # TODO: This code might need better exception handling or data processing
+            if settings.USE_FIRST_SEEN:
+                finding.date = parser.parse(vuln.get("finding_status", {}).get("first_found_date", ""))
+            else:
+                finding.date = parser.parse(vuln.get("finding_status", {}).get("last_found_date", ""))
             # Generate the description
             finding = self.parse_description(finding, vuln.get("description"), scan_type)
             finding.nb_occurences = vuln.get("count", 1)

ruff.toml

@@ -41,7 +41,7 @@ select = [
    "UP",
    "YTT",
    "ASYNC",
-   "S2", "S5", "S7", "S101", "S104", "S105", "S106", "S108", "S311", "S112", "S113",
+   "S1", "S2", "S5", "S7", "S311",
    "FBT001", "FBT003",
    "A003", "A004", "A006",
    "COM",

tests/Import_scanner_test.py

@@ -172,11 +172,9 @@ def test_engagement_import_scan_result(self):
                 index = list(found_matches.keys())[0]
                 scan_map[test] = options_text[index]
             elif len(found_matches) > 1:
-                try:
-                    index = list(found_matches.values()).index(temp_test)
-                    scan_map[test] = options_text[list(found_matches.keys())[index]]
-                except:
-                    pass
+                # TODO: This code might need better exception handling or data processing
+                index = list(found_matches.values()).index(temp_test)
+                scan_map[test] = options_text[list(found_matches.keys())[index]]
 
         failed_tests = []
         for test in self.tests:

tests/base_test_class.py

@@ -237,13 +237,7 @@ def goto_all_findings_list(self, driver):
         return driver
 
     def wait_for_datatable_if_content(self, no_content_id, wrapper_id):
-        no_content = None
-        try:
-            no_content = self.driver.find_element(By.ID, no_content_id)
-        except:
-            pass
-
-        if no_content is None:
+        if not self.is_element_by_id_present(no_content_id):
             # wait for product_wrapper div as datatables javascript modifies the DOM on page load.
             WebDriverWait(self.driver, 30).until(
                 EC.presence_of_element_located((By.ID, wrapper_id)),