Ruff: Add and fix SIM113

[kiblik]

Add rule enumerate-for-loop (SIM113) and fix it

[dryrunsecurity]

DryRun Security Summary

The pull request enhances the Dojo application security tool by improving the SARIF parser, report generation, OpenVAS CSV parser, finding management, and Ruff linter configuration to increase functionality, reliability, and security.

Expand for full summary

Summary:

The code changes in this pull request cover several components of the Dojo application security tool, including the SARIF parser, report generation, OpenVAS CSV parser, finding management, and the Ruff linter configuration. The changes are primarily focused on improving the functionality, reliability, and maintainability of these components, with a consideration for security-related aspects.

The key security-related changes include:

1. Enhancements to the SARIF parser to correctly handle severity information and fingerprinting, improving the accuracy of vulnerability data.
2. Improvements to the report generation functionality, such as enforcing the verified status of findings and limiting the display of sensitive information.
3. Optimizations and cleanup in the OpenVAS CSV parser, including deduplication of findings and validation of severity values.
4. Handling of duplicate findings and transitive duplicates in the finding management module, ensuring data integrity.
5. Removal of a security-related linting rule (SIM113) from the Ruff linter configuration, suggesting an improvement in the codebase's security posture.

Overall, the changes demonstrate a strong focus on improving the security and reliability of the Dojo application, with a proactive approach to addressing potential vulnerabilities and maintaining data integrity. The code changes appear to be well-designed and follow best practices, making the Dojo tool a more robust and secure application security solution.

Files Changed:

1. dojo/tools/sarif/parser.py: The changes improve the parsing and handling of SARIF reports, including better artifact handling, code flow description, severity handling, and fingerprinting.
2. dojo/reports/views.py: The changes refactor the report generation functionality, improve the handling of report options, optimize database queries, and enhance the CSV and Excel exports.
3. dojo/tools/openvas/csv_parser.py: The changes optimize and clean up the OpenVAS CSV parser, including deduplication of findings and validation of severity values.
4. dojo/finding/helper.py: The changes address the management of duplicate findings, including handling transitive duplicates and integrating with external issue tracking systems.
5. ruff.toml: The changes in the Ruff linter configuration include the removal of a security-related linting rule (SIM113) and the addition of new rules related to code style and formatting.
6. dojo/tools/skf/parser.py: The changes simplify and optimize the SKFParser class, which is responsible for parsing findings from an OWASP Security Knowledge Framework (SKF) CSV file, including deduplication of findings.

Code Analysis

We ran 9 analyzers against 6 files and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

[mtesauro]

Approved