
Ruff: Add and fix N999 #11647

Open · wants to merge 1 commit into base: dev

Conversation

@kiblik kiblik (Contributor) commented Jan 25, 2025

Add rule invalid-module-name (N999) and fix the following violations:

dojo/settings/settings.dist.py:1:1: N999 Invalid module name: 'settings.dist'
tests/Import_scanner_test.py:1:1: N999 Invalid module name: 'Import_scanner_test'

This is a bit of a radical change as it is renaming a globally used and known settings file. I will be happy for any feedback.


dryrunsecurity bot commented Jan 25, 2025

DryRun Security Summary

The pull request implements comprehensive changes to DefectDojo's configuration file naming, documentation, and security measures, including renaming the default configuration file, addressing security vulnerabilities, improving sensitive information handling, and enhancing deduplication functionality across multiple files.


Summary:

This pull request contains a series of changes across multiple files in the DefectDojo application. The changes primarily focus on updating the configuration file naming conventions, improving documentation, and addressing various security-related concerns identified by static code analysis tools.

The key highlights include:

  1. Renaming the default configuration file from settings.dist.py to settings_dist.py to maintain consistency throughout the codebase.
  2. Updating documentation to provide clearer guidance on configuration management, including the use of local_settings.py for custom settings.
  3. Addressing potential security vulnerabilities identified by tools like Bandit and GitLab SAST, such as the use of insecure hashing functions, unsafe XML parsing, and cross-site scripting (XSS) vulnerabilities.
  4. Improving the handling of sensitive information, such as removing hardcoded credentials and URLs with passwords.
  5. Enhancing the deduplication functionality and its associated logging and configuration.
  6. Updating the unit testing configuration and infrastructure to ensure a secure and isolated test environment.

Overall, these changes demonstrate a proactive approach to improving the security and maintainability of the DefectDojo application. As an application security engineer, I would recommend thoroughly reviewing the individual changes and ensuring that they are properly implemented and tested before merging this pull request.

Files Changed:

  1. .github/labeler.yml: Updated the file path for the settings_changes label.
  2. .github/pull_request_template.md: Updated the label for the "settings_changes" category.
  3. .github/release-drafter.yml: Updated the category title for changes to settings_dist.py and local_settings.py.
  4. Dockerfile.django-alpine: Updated the environment variable for the default settings file.
  5. docker/entrypoint-unit-tests.sh: Updated comments to reference the settings_dist.py file.
  6. docker/entrypoint-unit-tests-devDocker.sh: Updated comments to reference the settings_dist.py file.
  7. Dockerfile.django-debian: Updated comments to reference the settings_dist.py file.
  8. docker/extra_settings/README.md: Updated file name references from settings.dist.py to settings_dist.py.
  9. docs/content/en/open_source/contributing/how-to-write-a-parser.md: Updated file name references from settings.dist.py to settings_dist.py.
  10. docs/content/en/open_source/archived_docs/jira.md: Updated the command to increase the logging level for the jira_status_reconciliation management command.
  11. docs/content/en/open_source/archived_docs/usage/features.md: Updated the environment variable and configuration file names for the deduplication feature.
  12. docs/content/en/open_source/integrations/social-authentication.md: Added documentation for various authentication methods, including security-related considerations.
  13. docs/content/en/open_source/upgrading/2.35.md: Added an integrity check for the settings_dist.py file.
  14. docs/content/en/open_source/upgrading/1.10.md: Documented breaking changes and security-related updates in version 1.10.4.
  15. docs/content/en/open_source/installation/configuration.md: Updated file name references from settings.dist.py to settings_dist.py.
  16. docs/content/en/open_source/upgrading/1.7.0.md: Documented changes to the search functionality in version 1.7.0.
  17. dojo/settings/settings.py: Updated the include path for the default settings file.
  18. dojo/settings/settings_dist.py: Updated the file name and comments.
  19. dojo/settings/template-local_settings: Updated comments related to the Django debug toolbar configuration.
  20. dojo/models.py: Updated logging to use the settings_dist.py file.
  21. dojo/settings/unittests.py: Updated the settings file path.
  22. readme-docs/CONTRIBUTING.md: Updated the link to the dojo_settings file.
  23. ruff.toml: Added a new custom Ruff rule to the configuration.
  24. `

Code Analysis

We ran 9 analyzers against 30 files and 1 analyzer had findings. 8 analyzers had no findings.

Analyzer Findings
Sensitive Files Analyzer 1 finding

View PR in the DryRun Dashboard.


This pull request has conflicts, please resolve those before we can evaluate the pull request.


Conflicts have been resolved. A maintainer will review the pull request shortly.

@kiblik kiblik requested review from Maffooch, mtesauro and cneill and removed request for Maffooch January 28, 2025 15:41

This pull request has conflicts, please resolve those before we can evaluate the pull request.

@Maffooch (Contributor) commented:

@kiblik this one feels a little too radical for my taste. I think we should ignore this rule for now, and revisit in the future, if applicable.


Conflicts have been resolved. A maintainer will review the pull request shortly.


This pull request has conflicts, please resolve those before we can evaluate the pull request.


Conflicts have been resolved. A maintainer will review the pull request shortly.


This pull request has conflicts, please resolve those before we can evaluate the pull request.


Conflicts have been resolved. A maintainer will review the pull request shortly.


github-actions bot commented Feb 6, 2025

This pull request has conflicts, please resolve those before we can evaluate the pull request.


github-actions bot commented Feb 6, 2025

Conflicts have been resolved. A maintainer will review the pull request shortly.
