Ruff: Fix RUF056

[kiblik]

Fix RUF056. Enabler for #11490

[dryrunsecurity]

DryRun Security Summary

The pull request introduces performance and functionality improvements to the DefectDojo application across multiple files, focusing on optimizing product metrics, finding view handling, and the default re-importer, while maintaining the application's security posture.

Expand for full summary

Summary:

The code changes in this pull request cover various files related to the DefectDojo application, with a focus on improving the performance, functionality, and security of the application. The changes include optimizations to the product metrics calculations, updates to the finding view handling, improvements to the default re-importer, and a minor fix to a unit test.

From a security perspective, the changes do not introduce any obvious security vulnerabilities. The optimizations to the product metrics calculations and the finding view handling are focused on improving the application's performance and functionality without compromising security. The updates to the default re-importer also consider several security-relevant aspects, such as deduplication, handling of special-status findings, and endpoint management.

However, it is important to thoroughly review all code changes, even those that do not directly involve security-sensitive functionality, to ensure that no unintended consequences or side effects are introduced that could impact the application's security posture. Additionally, the use of user-supplied data and the implementation of security-related features should be carefully audited to maintain the overall security of the DefectDojo application.

Files Changed:

1. dojo/test/views.py: The changes remove the 0 check from the context.get("note_type_activation") condition in the get_form method, which does not introduce any obvious security vulnerabilities.
2. dojo/product/views.py: The changes focus on optimizing the performance of the metrics calculations by reducing the number of database queries and improving the time complexity of certain operations. These changes do not have any direct security implications.
3. dojo/finding/views.py: The changes in the get_form() method of the ViewFinding class use a ternary operator to determine the appropriate note form to use. This change does not appear to introduce any obvious security vulnerabilities, but it's important to ensure that the forms are properly validated and that user-supplied data is sanitized.
4. dojo/importers/default_reimporter.py: The changes in this file focus on improving the re-import process, including handling deduplication, mitigated/false positive/risk accepted findings, reactivation of findings, and endpoint management. These changes consider various security-relevant aspects and are important for maintaining the overall security of the application.
5. unittests/tools/test_tfsec_parser.py: The changes in this file are a minor fix to a unit test, which does not have any direct security implications.

Code Analysis

We ran 9 analyzers against 5 files and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

[mtesauro]

Approved