Ruff: Fix PTH100, merge PTH10 #11502

Open
wants to merge 1 commit into
base: dev

kiblik
Contributor

@kiblik kiblik commented Jan 4, 2025

Fix PTH100

@github-actions github-actions bot added the settings_changes label ("Needs changes to settings.py based on changes in settings.dist.py included in this PR") Jan 4, 2025

dryrunsecurity bot commented Jan 4, 2025

DryRun Security Summary

The pull request includes infrastructure-level updates to the settings file, survey import command, and Ruff linter configuration, which do not introduce obvious security vulnerabilities but underscore the importance of ongoing security assessments.

Summary:

The code changes in this pull request include updates to the dojo/settings/settings.dist.py file, the dojo/management/commands/import_surveys.py management command, and the ruff.toml configuration file. These changes are primarily focused on infrastructure-level updates, improvements to the survey data import functionality, and adjustments to the Ruff linter configuration.

From an application security perspective, the changes do not introduce any obvious security vulnerabilities. The updates to the base directory calculation, the removal of the os import, and the handling of the polymorphic content type ID in the survey import command are all infrastructure-level changes that do not directly impact the security of the application. Similarly, the changes to the Ruff linter configuration are focused on code quality and style, rather than addressing specific security concerns.

However, it's important to note that while these changes do not directly introduce security risks, the overall security posture of the application should be regularly reviewed and assessed. This includes performing comprehensive security audits, code reviews, and vulnerability assessments to identify and address any potential security issues in the codebase.

Files Changed:

  1. dojo/settings/settings.dist.py: The changes in this file update the calculation of the BASEDIR variable, which is used in the SAML2 configuration. The new approach of using Path(__file__).parent.absolute() is a more robust way of getting the base directory and does not introduce any security concerns.

  2. dojo/management/commands/import_surveys.py: The changes in this file remove the os import, update the absolute path calculation for the initial_surveys.json file, and handle the retrieval and replacement of the polymorphic_ctype_id value. These changes are focused on improving the robustness and maintainability of the import_surveys.py management command and do not introduce any apparent security vulnerabilities.

  3. ruff.toml: The changes in this file involve the removal and addition of specific Ruff linting rule codes. While these changes do not directly impact the security of the application, the overall configuration of the Ruff linter should be reviewed to ensure that it includes appropriate security-related checks and best practices.

Code Analysis

We ran 9 analyzers against 3 files and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

Contributor

@mtesauro mtesauro left a comment

Approved

@kiblik kiblik requested review from cneill and Maffooch January 6, 2025 09:38
3 participants