DefectDojo · mtesauro · Feb 12, 2025 · Feb 2, 2025
@@ -118,9 +118,7 @@ def return_score(queryset):
     for item in queryset:
         if item["pass_fail"]:
             asvs_level_1_score = item["pass_fail__count"]
-        asvs_level_1_benchmark = (
-            asvs_level_1_benchmark + item["pass_fail__count"]
-        )
+        asvs_level_1_benchmark += item["pass_fail__count"]
 
     return asvs_level_1_benchmark, asvs_level_1_score
 

@@ -334,8 +334,7 @@ def __init__(self, *args, **kwargs):
                 # we defer applying the select2 autocomplete because there can be multiple forms on the same page
                 # and form.js would then apply select2 multiple times, resulting in duplicated fields
                 # the initialization now happens in filter_js_snippet.html
-                self.form.fields[field].widget.tag_options = \
-                    self.form.fields[field].widget.tag_options + tagulous.models.options.TagOptions(autocomplete_settings={"width": "200px", "defer": True})
+                self.form.fields[field].widget.tag_options += tagulous.models.options.TagOptions(autocomplete_settings={"width": "200px", "defer": True})
                 tagged_model, exclude = get_tags_model_from_field_name(field)
                 if tagged_model:  # only if not the normal tags field
                     self.form.fields[field].label = get_tags_label_from_model(tagged_model)
@@ -1592,7 +1591,7 @@ def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
 
     def filter_percentage(self, queryset, name, value):
-        value = value / decimal.Decimal("100.0")
+        value /= decimal.Decimal("100.0")
         # Provide some wiggle room for filtering since the UI rounds to two places (and because floats):
         # a user may enter 0.15, but we'll return everything in [0.0015, 0.0016).
         # To do this, add to our value 1^(whatever the exponent for our least significant digit place is), but ensure

@@ -1379,9 +1379,9 @@ def defect_finding_review(request, fid):
             # Add the closing note
             if push_to_jira and not finding_in_group:
                 if defect_choice == "Close Finding":
-                    new_note.entry = new_note.entry + "\nJira issue set to resolved."
+                    new_note.entry += "\nJira issue set to resolved."
                 else:
-                    new_note.entry = new_note.entry + "\nJira issue re-opened."
+                    new_note.entry += "\nJira issue re-opened."
                 jira_helper.add_comment(finding, new_note, force_push=True)
             # Save the finding
             finding.save(push_to_jira=(push_to_jira and not finding_in_group))

@@ -433,7 +433,7 @@ def get_charting_data(
     if period == MetricsPeriod.WEEK:
         # For weeks, start at the first day of the specified week
         start_date = datetime(start_date.year, start_date.month, start_date.day, tzinfo=tz)
-        start_date = start_date + timedelta(days=-start_date.weekday())
+        start_date += timedelta(days=-start_date.weekday())
     else:
         # For months, start on the first day of the month
         start_date = datetime(start_date.year, start_date.month, 1, tzinfo=tz)

@@ -857,11 +857,11 @@ def calc_health(self):
         health = 100
         if c_findings.count() > 0:
             health = 40
-            health = health - ((c_findings.count() - 1) * 5)
+            health -= ((c_findings.count() - 1) * 5)
         if h_findings.count() > 0:
             if health == 100:
                 health = 60
-            health = health - ((h_findings.count() - 1) * 2)
+            health -= ((h_findings.count() - 1) * 2)
         if health < 5:
             return 5
         return health
@@ -2835,16 +2835,16 @@ def compute_hash_code(self):
             if hashcodeField == "endpoints":
                 # For endpoints, need to compute the field
                 myEndpoints = self.get_endpoints()
-                fields_to_hash = fields_to_hash + myEndpoints
+                fields_to_hash += myEndpoints
                 deduplicationLogger.debug(hashcodeField + " : " + myEndpoints)
             elif hashcodeField == "vulnerability_ids":
                 # For vulnerability_ids, need to compute the field
                 my_vulnerability_ids = self.get_vulnerability_ids()
-                fields_to_hash = fields_to_hash + my_vulnerability_ids
+                fields_to_hash += my_vulnerability_ids
                 deduplicationLogger.debug(hashcodeField + " : " + my_vulnerability_ids)
             else:
                 # Generically use the finding attribute having the same name, converts to str in case it's integer
-                fields_to_hash = fields_to_hash + str(getattr(self, hashcodeField))
+                fields_to_hash += str(getattr(self, hashcodeField))
                 deduplicationLogger.debug(hashcodeField + " : " + str(getattr(self, hashcodeField)))
         deduplicationLogger.debug("compute_hash_code - fields_to_hash = " + fields_to_hash)
         return self.hash_fields(fields_to_hash)

@@ -884,7 +884,7 @@ def generate_url(scheme, double_slashes, user, password, host, port, path, param
         # https://warehouse.python.org/project/whitenoise/
         "whitenoise.middleware.WhiteNoiseMiddleware",
     ]
-    MIDDLEWARE = MIDDLEWARE + WHITE_NOISE
+    MIDDLEWARE += WHITE_NOISE
 
 EMAIL_CONFIG = env.email_url(
     "DD_EMAIL_URL", default="smtp://user@:password@localhost:25")

@@ -789,7 +789,7 @@ def answer_empty_survey(request, esid):
             survey.responder = request.user if not request.user.is_anonymous else None
             survey.answered_on = date.today()
             survey.save()
-            general_survey.num_responses = general_survey.num_responses + 1
+            general_survey.num_responses += 1
             general_survey.save()
             if request.user.is_anonymous:
                 message = "Your responses have been recorded."

@@ -9,7 +9,7 @@
 @register.filter
 def bleach_announcement_message(message):
     allowed_attributes = bleach.ALLOWED_ATTRIBUTES
-    allowed_attributes["a"] = allowed_attributes["a"] + ["style", "target"]
+    allowed_attributes["a"] += ["style", "target"]
     return mark_safe(bleach.clean(
         message,
         attributes=allowed_attributes,

@@ -17,7 +17,7 @@ def get_banner_conf(attribute):
             if attribute == "banner_message":
                 # only admin can edit login banner, so we allow html, but still bleach it
                 allowed_attributes = bleach.ALLOWED_ATTRIBUTES
-                allowed_attributes["a"] = allowed_attributes["a"] + ["style", "target"]
+                allowed_attributes["a"] += ["style", "target"]
                 return mark_safe(bleach.clean(
                     value,
                     attributes=allowed_attributes,

@@ -136,7 +136,7 @@ def test_product_connection(self, api_scan_configuration):
             api_scan_configuration.service_key_2,
         )
         for page in submission_gen:
-            submissions = submissions + page
+            submissions += page
         submission_number = len(submissions)
         return (
             f'You have access to "{submission_number}" submissions (no duplicates)'

@@ -40,12 +40,8 @@ def get_items(self, tree, test):
             item = self.get_item(node, report_date)
             dupe_key = item.severity + item.title
             if dupe_key in items:
-                items[dupe_key].unsaved_endpoints = (
-                    items[dupe_key].unsaved_endpoints + item.unsaved_endpoints
-                )
-                items[dupe_key].unsaved_req_resp = (
-                    items[dupe_key].unsaved_req_resp + item.unsaved_req_resp
-                )
+                items[dupe_key].unsaved_endpoints += item.unsaved_endpoints
+                items[dupe_key].unsaved_req_resp += item.unsaved_req_resp
                 items[dupe_key].nb_occurences += 1
             else:
                 items[dupe_key] = item

@@ -41,12 +41,8 @@ def get_items(self, tree, test):
             item = get_item(node, test)
             dupe_key = item.vuln_id_from_tool
             if dupe_key in items:
-                items[dupe_key].unsaved_endpoints = (
-                    items[dupe_key].unsaved_endpoints + item.unsaved_endpoints
-                )
-                items[dupe_key].unsaved_req_resp = (
-                    items[dupe_key].unsaved_req_resp + item.unsaved_req_resp
-                )
+                items[dupe_key].unsaved_endpoints += item.unsaved_endpoints
+                items[dupe_key].unsaved_req_resp += item.unsaved_req_resp
 
                 # Description details of the finding are added
                 items[dupe_key].description = (

@@ -88,7 +88,7 @@ def combine_findings(self, finding, issue):
                     finding["Description"] += description + "\n\n"
 
         if issue.get("evidence"):
-            finding["Evidence"] = finding["Evidence"] + self.parse_evidence(
+            finding["Evidence"] += self.parse_evidence(
                 issue.get("evidence"),
             )
 

@@ -74,7 +74,7 @@ def _get_findings_xml(self, filename, test):
                     if language not in language_list:
                         language_list[language] = 1
                     else:
-                        language_list[language] = language_list[language] + 1
+                        language_list[language] += 1
 
                 if group is not None:
                     findingdetail = f"{findingdetail}**Group:** {group}\n"
@@ -177,7 +177,7 @@ def _process_result_file_name_aggregated(
             # We have already created a finding for this aggregate: updates the
             # description and the nb_occurences
             find = dupes[aggregateKeys]
-            find.nb_occurences = find.nb_occurences + 1
+            find.nb_occurences += 1
             if find.nb_occurences == 2:
                 find.description = f"### 1. {find.title}\n{find.description}"
             find.description = f"{find.description}\n\n-----\n### {find.nb_occurences}. {title}\n{findingdetail}\n{description}"

@@ -127,10 +127,7 @@ def _get_findings_json(self, file, test):
                         if not finding.active:
                             detail = analysis.get("detail")
                             if detail:
-                                finding.mitigation = (
-                                    finding.mitigation
-                                    + f"\n**This vulnerability is mitigated and/or suppressed:** {detail}\n"
-                                )
+                                finding.mitigation += f"\n**This vulnerability is mitigated and/or suppressed:** {detail}\n"
                 findings.append(finding)
         return findings
 

@@ -294,9 +294,6 @@ def _manage_vulnerability_xml(
                             "b:detail", namespaces=ns,
                         )
                         if detail:
-                            finding.mitigation = (
-                                finding.mitigation
-                                + f"\n**This vulnerability is mitigated and/or suppressed:** {detail}\n"
-                            )
+                            finding.mitigation += f"\n**This vulnerability is mitigated and/or suppressed:** {detail}\n"
             findings.append(finding)
         return findings
@@ -298,10 +298,7 @@ def get_finding_from_vulnerability(
                 notes = "Document on why we are suppressing this vulnerability is missing!"
                 tags.append("no_suppression_document")
             mitigation = f"**This vulnerability is mitigated and/or suppressed:** {notes}\n"
-            mitigation = (
-                mitigation
-                + f"Update {component_name}:{component_version} to at least the version recommended in the description"
-            )
+            mitigation += f"Update {component_name}:{component_version} to at least the version recommended in the description"
             mitigated = datetime.datetime.now(datetime.UTC)
             is_Mitigated = True
             active = False

@@ -180,7 +180,7 @@ def _convert_dependency_track_finding_to_dojo_finding(self, dependency_track_fin
         # Append purl info if it is present
         if "purl" in dependency_track_finding["component"] and dependency_track_finding["component"]["purl"] is not None:
             component_purl = dependency_track_finding["component"]["purl"]
-            vulnerability_description = vulnerability_description + f"\nThe purl of the affected component is: {component_purl}."
+            vulnerability_description += f"\nThe purl of the affected component is: {component_purl}."
             # there is no file_path in the report, but defect dojo needs it otherwise it skips deduplication:
             # see https://github.com/DefectDojo/django-DefectDojo/issues/3647
             # might be no longer needed in the future, and is not needed if people use the default
@@ -191,11 +191,11 @@ def _convert_dependency_track_finding_to_dojo_finding(self, dependency_track_fin
 
         # Append other info about vulnerability description info if it is present
         if "title" in dependency_track_finding["vulnerability"] and dependency_track_finding["vulnerability"]["title"] is not None:
-            vulnerability_description = vulnerability_description + "\nVulnerability Title: {title}".format(title=dependency_track_finding["vulnerability"]["title"])
+            vulnerability_description += "\nVulnerability Title: {title}".format(title=dependency_track_finding["vulnerability"]["title"])
         if "subtitle" in dependency_track_finding["vulnerability"] and dependency_track_finding["vulnerability"]["subtitle"] is not None:
-            vulnerability_description = vulnerability_description + "\nVulnerability Subtitle: {subtitle}".format(subtitle=dependency_track_finding["vulnerability"]["subtitle"])
+            vulnerability_description += "\nVulnerability Subtitle: {subtitle}".format(subtitle=dependency_track_finding["vulnerability"]["subtitle"])
         if "description" in dependency_track_finding["vulnerability"] and dependency_track_finding["vulnerability"]["description"] is not None:
-            vulnerability_description = vulnerability_description + "\nVulnerability Description: {description}".format(description=dependency_track_finding["vulnerability"]["description"])
+            vulnerability_description += "\nVulnerability Description: {description}".format(description=dependency_track_finding["vulnerability"]["description"])
         if "uuid" in dependency_track_finding["vulnerability"] and dependency_track_finding["vulnerability"]["uuid"] is not None:
             vuln_id_from_tool = dependency_track_finding["vulnerability"]["uuid"]
 

@@ -122,7 +122,7 @@ def get_findings(self, file, test):
                                             for codeitem in codeblock:
                                                 if codeitem.tag == "item" and codeitem.attrib["type"] == "string":
                                                     if codeitem.text is None:
-                                                        recommendations = recommendations + "\n"
+                                                        recommendations += "\n"
                                                     else:
                                                         recommendations = recommendations + self.xmltreehelper(codeitem) + "\n"
 

@@ -105,7 +105,7 @@ def process_component(component):
     fixed_versions = component.get("fixed_versions")
     if fixed_versions:
         mitigation = "**Versions containing a fix:**\n\n- "
-        mitigation = mitigation + "\n- ".join(fixed_versions)
+        mitigation += "\n- ".join(fixed_versions)
     if "impact_paths" in component:
         refs = []
         impact_paths_l1 = component["impact_paths"]

@@ -84,7 +84,7 @@ def get_item(vulnerability, test):
         and len(vulnerability["fixed_versions"]) > 0
     ):
         mitigation = "Versions containing a fix:\n"
-        mitigation = mitigation + "\n".join(vulnerability["fixed_versions"])
+        mitigation += "\n".join(vulnerability["fixed_versions"])
 
     if (
         "external_advisory_source" in vulnerability

@@ -94,7 +94,7 @@ def get_item(vulnerability, test):
 
     if "fixed_versions" in vulnerability["component_versions"]:
         mitigation = "**Versions containing a fix:**\n"
-        mitigation = mitigation + "\n".join(
+        mitigation += "\n".join(
             vulnerability["component_versions"]["fixed_versions"],
         )
 

@@ -303,7 +303,7 @@ def get_findings(self, filename, test):
                 file_path = None
 
                 if "path" in finding:
-                    description = description + "\n\n**Files:**\n"
+                    description += "\n\n**Files:**\n"
                     for path in finding["path"]:
                         if file_path is None:
                             file_path = path
@@ -335,7 +335,7 @@ def get_findings(self, filename, test):
             file_path = None
             if mobsf_finding["category"]:
                 description += "**Category:** " + mobsf_finding["category"] + "\n\n"
-            description = description + html2text(mobsf_finding["description"])
+            description += html2text(mobsf_finding["description"])
             finding = Finding(
                 title=title,
                 cwe=919,  # Weaknesses in Mobile Applications

@@ -120,10 +120,10 @@ def __get_items(self, data):
                                     or key[i - 1] == "PolicyDocument"
                                 ):
                                     break
-                        i = i + 1
+                        i += 1
 
                     self.recursive_print(lookup)
-                    description_text = description_text + self.item_data
+                    description_text += self.item_data
                     self.item_data = ""
 
                     find = Finding(
@@ -166,7 +166,7 @@ def tabs(n):
                 self.recursive_print(litem, depth + 2)
         else:
             if self.pdepth != depth:
-                self.item_data = self.item_data + "\n"
+                self.item_data += "\n"
             if key:
                 self.item_data = (
                     self.item_data

@@ -97,7 +97,7 @@ def process_result_file_name_aggregated(
             find = dupes[aggregateKeys]
             find.description = f"{find.description}\n{descriptionOneOccurence}"
             find.mitigation = f"{find.mitigation}\n______\n{vuln_mitigation}"
-            find.nb_occurences = find.nb_occurences + 1
+            find.nb_occurences += 1
 
     # Process one vuln from the report for "SonarQube Scan detailed"
     # Create the finding and add it into the dupes list

@@ -108,11 +108,11 @@ def get_findings(self, filename, test):
                 try:
                     if "list" in endpoints["details"]["suites"]:
                         for suites in endpoints["details"]["suites"]["list"]:
-                            suite_info = suite_info + self.suite_data(suites)
+                            suite_info += self.suite_data(suites)
                     elif "suites" in endpoints["details"]:
                         for item in endpoints["details"]["suites"]:
                             for suites in item["list"]:
-                                suite_info = suite_info + self.suite_data(
+                                suite_info += self.suite_data(
                                     suites,
                                 )
                 except Exception:

@@ -72,7 +72,7 @@ def get_findings_v2(self, data, test):
 
             if dupe_key in dupes:
                 finding = dupes[dupe_key]
-                finding.description = finding.description + description
+                finding.description += description
                 finding.nb_occurences += 1
                 dupes[dupe_key] = finding
             else:
@@ -172,7 +172,7 @@ def get_findings_v3(self, data, test):
 
             if dupe_key in dupes:
                 finding = dupes[dupe_key]
-                finding.description = finding.description + description
+                finding.description += description
                 finding.nb_occurences += 1
                 dupes[dupe_key] = finding
             else: