Ruff: Add PLR04 and fix PLR0402 #11713

Merged
merged 1 commit into from
Feb 12, 2025

@kiblik kiblik commented Feb 2, 2025

Add all PLR04* rules and fix manual-from-import (PLR0402)

dryrunsecurity bot commented Feb 2, 2025

DryRun Security Summary

The code changes update DefectDojo's configuration and model definitions by enhancing the Ruff linter settings and improving the handling of finding deduplication during deletion operations in the Engagement and Finding models, with a focus on maintaining data integrity and security.

Summary:

The provided code changes are primarily focused on updates to the configuration and model definitions of the DefectDojo application, an application security engineering tool. The changes in the ruff.toml file update the configuration of the Ruff linter, a Python code linter, to include additional linting rules. The changes in the dojo/models.py file update the delete() methods of the Engagement and Finding models to handle the deduplication of findings and related data more effectively.

From an application security perspective, the changes in the ruff.toml file do not directly impact the application's security, as they are focused on improving code quality and maintainability. However, it's worth reviewing the exclusions in the [lint.per-file-ignores] section to ensure that they do not inadvertently introduce any potential security vulnerabilities.

The changes in the dojo/models.py file are more security-relevant, as they ensure that the deduplication process is properly handled when deleting engagements and findings. Proper handling of duplicate data is crucial for maintaining data integrity and preventing potential security issues that could arise from orphaned or inconsistent data. These changes are an important improvement to the DefectDojo application's security and data management functionalities.

Files Changed:

  1. ruff.toml: The changes in this file update the configuration of the Ruff linter, a Python code linter, to include a new linting rule ("PLR04") in the [lint] section. While these changes do not directly impact the application's security, it's worth reviewing the exclusions in the [lint.per-file-ignores] section to ensure that they do not inadvertently introduce any potential security vulnerabilities.

  2. dojo/models.py: The changes in this file update the delete() methods of the Engagement and Finding models to call helper functions (prepare_duplicates_for_delete() and finding_delete()) from the dojo.finding.helper module before deleting the engagement or finding. These changes are important for ensuring that the deduplication process is properly handled, which is crucial for maintaining data integrity and preventing potential security issues that could arise from orphaned or inconsistent data.

Code Analysis

We ran 9 analyzers against 2 files and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

github-actions bot commented Feb 6, 2025

This pull request has conflicts, please resolve those before we can evaluate the pull request.

github-actions bot commented Feb 6, 2025

Conflicts have been resolved. A maintainer will review the pull request shortly.

@mtesauro mtesauro left a comment

Approved

@mtesauro mtesauro merged commit f9e9e6c into DefectDojo:dev Feb 12, 2025
73 checks passed
@kiblik kiblik deleted the ruff_PLR0402 branch February 12, 2025 07:16
5 participants