Ruff: fix Q003

Author: kiblik

dojo/filters.py

@@ -1611,7 +1611,7 @@ class FindingFilterHelper(FilterSet):
             "The range of EPSS score percentages to filter on; the left input is a lower bound, "
             "the right is an upper bound. Leaving one empty will skip that bound (e.g., leaving "
             "the lower bound input empty will filter only on the upper bound -- filtering on "
-            "\"less than or equal\")."
+            '"less than or equal").'
         ))
     epss_percentile = PercentageFilter(field_name="epss_percentile", label="EPSS percentile")
     epss_percentile_range = PercentageRangeFilter(
@@ -1620,7 +1620,7 @@ class FindingFilterHelper(FilterSet):
         help_text=(
             "The range of EPSS percentiles to filter on; the left input is a lower bound, the right "
             "is an upper bound. Leaving one empty will skip that bound (e.g., leaving the lower bound "
-            "input empty will filter only on the upper bound -- filtering on \"less than or equal\")."
+            'input empty will filter only on the upper bound -- filtering on "less than or equal").'
         ))
 
     o = OrderingFilter(

dojo/finding/views.py

@@ -1709,7 +1709,7 @@ def request_finding_review(request, fid):
                 finding=finding,
                 reviewers=reviewers,
                 recipients=reviewers_usernames,
-                description=f"User {user.get_full_name()} has requested that user(s) {reviewers_string} review the finding \"{finding.title}\" for accuracy:\n\n{new_note}",
+                description=f'User {user.get_full_name()} has requested that user(s) {reviewers_string} review the finding "{finding.title}" for accuracy:\n\n{new_note}',
                 icon="check",
                 url=reverse("view_finding", args=(finding.id,)),
             )

dojo/jira_link/views.py

@@ -542,7 +542,7 @@ def post(self, request, tid=None):
                     create_notification(
                         event='jira_config_deleted',
                         title=_('Deletion of JIRA: %s') % jira_instance.configuration_name,
-                        description=f"JIRA \"{jira_instance.configuration_name}\" was deleted by {request.user}",
+                        description=f'JIRA "{jira_instance.configuration_name}" was deleted by {request.user}',
                         url=request.build_absolute_uri(reverse('jira')))
                     return HttpResponseRedirect(reverse('jira'))
                 except Exception as e:

dojo/models.py

@@ -3910,7 +3910,7 @@ class JIRA_Project(models.Model):
     engagement = models.OneToOneField(Engagement, on_delete=models.CASCADE, null=True, blank=True)
     component = models.CharField(max_length=200, blank=True)
     custom_fields = models.JSONField(max_length=200, blank=True, null=True,
-                                   help_text=_("JIRA custom field JSON mapping of Id to value, e.g. {\"customfield_10122\": [{\"name\": \"8.0.1\"}]}"))
+                                   help_text=_('JIRA custom field JSON mapping of Id to value, e.g. {"customfield_10122": [{"name": "8.0.1"}]}'))
     default_assignee = models.CharField(max_length=200, blank=True, null=True,
                                      help_text=_("JIRA default assignee (name). If left blank then it defaults to whatever is configured in JIRA."))
     jira_labels = models.CharField(max_length=200, blank=True, null=True,

dojo/sla_config/views.py

@@ -42,7 +42,7 @@ def edit_sla_config(request, slaid):
     if request.method == 'POST' and request.POST.get('delete'):
         if sla_config.id != 1:
             if Product.objects.filter(sla_configuration=sla_config).count():
-                msg = f"The \"{sla_config}\" SLA configuration could not be deleted, as it is currently in use by one or more products."
+                msg = f'The "{sla_config}" SLA configuration could not be deleted, as it is currently in use by one or more products.'
                 messages.add_message(request,
                                     messages.ERROR,
                                     msg,

dojo/templatetags/display_tags.py

@@ -378,7 +378,7 @@ def notspecified(text):
     if text:
         return text
     else:
-        return mark_safe("<em class=\"text-muted\">Not Specified</em>")
+        return mark_safe('<em class="text-muted">Not Specified</em>')
 
 
 @register.tag

dojo/tools/api_sonarqube/api_client.py

@@ -265,7 +265,7 @@ def get_issue(self, issue_key):
             if issue["key"] == issue_key:
                 return issue
         msg = (
-            f"Expected Issue \"{issue_key}\", but it returned"
+            f'Expected Issue "{issue_key}", but it returned'
             f"{[x.get('key') for x in response.json().get('issues')]}. "
             "Full response: "
             f"{response.json()}"

unittests/tools/test_mozilla_observatory_parser.py

@@ -106,7 +106,7 @@ def test_parse_file_cli_juicy(self):
                 elif "subresource-integrity" == finding.vuln_id_from_tool:
                     with self.subTest(vuln_id_from_tool=finding.vuln_id_from_tool):
                         self.assertTrue(finding.active)
-                        self.assertEqual("Subresource Integrity (SRI) not implemented, and external scripts are loaded over HTTP or use protocol-relative URLs via src=\"//...\"", finding.title)
+                        self.assertEqual('Subresource Integrity (SRI) not implemented, and external scripts are loaded over HTTP or use protocol-relative URLs via src="//..."', finding.title)
                         self.assertEqual("High", finding.severity)
                         self.assertIn("Subresource Integrity (SRI) not implemented", finding.description)
                 elif "redirection" == finding.vuln_id_from_tool:
@@ -159,7 +159,7 @@ def test_parse_file_cli_nmap_scanme(self):
                 elif "subresource-integrity" == finding.vuln_id_from_tool:
                     with self.subTest(vuln_id_from_tool=finding.vuln_id_from_tool):
                         self.assertTrue(finding.active)
-                        self.assertEqual("Subresource Integrity (SRI) not implemented, and external scripts are loaded over HTTP or use protocol-relative URLs via src=\"//...\"", finding.title)
+                        self.assertEqual('Subresource Integrity (SRI) not implemented, and external scripts are loaded over HTTP or use protocol-relative URLs via src="//..."', finding.title)
                         self.assertEqual("High", finding.severity)
                         self.assertIn("Subresource Integrity (SRI) not implemented", finding.description)
                 elif "redirection" == finding.vuln_id_from_tool:

unittests/tools/test_nexpose_parser.py

@@ -65,7 +65,7 @@ def test_nexpose_parser_has_many_finding(self):
 
             # vuln 5
             finding = findings[5]
-            self.assertEqual("Default SSH password: root password \"root\"", finding.title)
+            self.assertEqual('Default SSH password: root password "root"', finding.title)
             self.assertEqual(1, len(finding.unsaved_endpoints))
 
             # vuln 5 - endpoint

unittests/tools/test_nikto_parser.py

@@ -166,7 +166,7 @@ def test_parse_file_xml_another(self):
                 self.assertIsNone(endpoint.path)
             with self.subTest(i=5):
                 finding = findings[5]
-                self.assertEqual("The Content-Encoding header is set to \"deflate\" this may mean that the server is vulnerable to the BREACH attack.", finding.title)
+                self.assertEqual('The Content-Encoding header is set to "deflate" this may mean that the server is vulnerable to the BREACH attack.', finding.title)
                 self.assertEqual("999966", finding.vuln_id_from_tool)
                 self.assertEqual(1, finding.nb_occurences)
                 self.assertEqual("Info", finding.severity)

unittests/tools/test_qualys_parser.py

@@ -154,7 +154,7 @@ def test_parse_file_with_cvss_values_and_scores(self):
                     finding_cvssv3_score = finding
                 if finding.unsaved_endpoints[0].host == "demo13.s02.sjc01.qualys.com" and finding.title == "QID-370876 | AMD Processors Multiple Security Vulnerabilities (RYZENFALL/MASTERKEY/CHIMERA-FW/FALLOUT)":
                     finding_no_cvssv3_at_detection = finding
-                if finding.unsaved_endpoints[0].host == "demo14.s02.sjc01.qualys.com" and finding.title == "QID-121695 | NTP \"monlist\"  Feature Denial of Service Vulnerability":
+                if finding.unsaved_endpoints[0].host == "demo14.s02.sjc01.qualys.com" and finding.title == 'QID-121695 | NTP "monlist"  Feature Denial of Service Vulnerability':
                     finding_no_cvssv3 = finding
             # The CVSS Vector is not used from the Knowledgebase
             self.assertEqual(

unittests/tools/test_semgrep_parser.py

@@ -22,9 +22,9 @@ def test_parse_one_finding(self):
             self.assertEqual("src/main/java/org/owasp/benchmark/testcode/BenchmarkTest02194.java", finding.file_path)
             self.assertEqual(64, finding.line)
             self.assertEqual(696, finding.cwe)
-            self.assertEqual("javax crypto Cipher.getInstance(\"AES/GCM/NoPadding\");", finding.mitigation)
+            self.assertEqual('javax crypto Cipher.getInstance("AES/GCM/NoPadding");', finding.mitigation)
             self.assertEqual("java.lang.security.audit.cbc-padding-oracle.cbc-padding-oracle", finding.vuln_id_from_tool)
-            self.assertIn("javax.crypto.Cipher c = javax.crypto.Cipher.getInstance(\"DES/CBC/PKCS5Padding\");", finding.description)
+            self.assertIn('javax.crypto.Cipher c = javax.crypto.Cipher.getInstance("DES/CBC/PKCS5Padding");', finding.description)
             self.assertIn("Using CBC with PKCS5Padding is susceptible to padding orcale attacks", finding.description)
 
     def test_parse_many_finding(self):
@@ -37,14 +37,14 @@ def test_parse_many_finding(self):
             self.assertEqual("src/main/java/org/owasp/benchmark/testcode/BenchmarkTest02194.java", finding.file_path)
             self.assertEqual(64, finding.line)
             self.assertEqual(696, finding.cwe)
-            self.assertEqual("javax crypto Cipher.getInstance(\"AES/GCM/NoPadding\");", finding.mitigation)
+            self.assertEqual('javax crypto Cipher.getInstance("AES/GCM/NoPadding");', finding.mitigation)
             self.assertEqual("java.lang.security.audit.cbc-padding-oracle.cbc-padding-oracle", finding.vuln_id_from_tool)
             finding = findings[2]
             self.assertEqual("Info", finding.severity)
             self.assertEqual("src/main/java/org/owasp/benchmark/testcode/BenchmarkTest01150.java", finding.file_path)
             self.assertEqual(66, finding.line)
             self.assertEqual(696, finding.cwe)
-            self.assertEqual("javax crypto Cipher.getInstance(\"AES/GCM/NoPadding\");", finding.mitigation)
+            self.assertEqual('javax crypto Cipher.getInstance("AES/GCM/NoPadding");', finding.mitigation)
             self.assertEqual("java.lang.security.audit.cbc-padding-oracle.cbc-padding-oracle", finding.vuln_id_from_tool)
 
     def test_parse_repeated_finding(self):
@@ -58,7 +58,7 @@ def test_parse_repeated_finding(self):
             self.assertEqual(66, finding.line)
             self.assertEqual("java.lang.security.audit.cbc-padding-oracle.cbc-padding-oracle", finding.vuln_id_from_tool)
             self.assertEqual(696, finding.cwe)
-            self.assertEqual("javax crypto Cipher.getInstance(\"AES/GCM/NoPadding\");", finding.mitigation)
+            self.assertEqual('javax crypto Cipher.getInstance("AES/GCM/NoPadding");', finding.mitigation)
             self.assertEqual(2, finding.nb_occurences)
 
     def test_parse_many_vulns(self):