
Ruff: Fix PTH118, merge PTH11 #11503

Draft · wants to merge 1 commit into dev

Conversation

kiblik (Contributor) commented Jan 4, 2025

Fix PTH118, merge PTH11* rules

@github-actions bot added the labels settings_changes (Needs changes to settings.py based on changes in settings.dist.py included in this PR), unittests, integration_tests and parser on Jan 4, 2025

dryrunsecurity bot commented Jan 4, 2025

DryRun Security Summary

The pull request focuses on improving the DefectDojo application's test suite by enhancing maintainability, reliability, and security through comprehensive updates to file handling, parser testing, Jira integration, and API integrations.


Summary:

The code changes in this pull request cover a wide range of updates to the test suite for the DefectDojo application. The changes focus on improving the maintainability, reliability, and security of the application's functionality, particularly in areas related to file handling, Jira integration, parser testing, and API integrations.

Key highlights include:

  1. Consistent use of the pathlib library for constructing file paths, which helps prevent potential security issues like directory traversal.
  2. Comprehensive test coverage for various parser implementations, ensuring they can handle a wide range of input scenarios and edge cases.
  3. Improvements to the Jira integration testing, including verifying the handling of grouped findings, comments, and tags.
  4. Enhancements to the API integration tests, such as for the SonarQube, Anchore, and Cobalt.io integrations, to ensure the accuracy and reliability of the imported data.
  5. Attention to security-related aspects, like handling of sensitive data in test recordings and validating the behavior of the application when encountering unexpected or malformed input.

Overall, these changes demonstrate a strong focus on improving the quality, maintainability, and security of the DefectDojo application through thorough testing and code refinements.

Files Changed:

  • dojo/jira_link/helper.py: Minor changes to use the Path module instead of os.path.join() for constructing file paths.
  • dojo/models.py: Removal of unused os module import and use of Path object instead of os.path.join().
  • dojo/forms.py: Use of Path class to construct template directory path in the get_jira_issue_template_dir_choices() function.
  • ruff.toml: Updates to the Ruff linter configuration, including changes to the select list and potential impact on security-related checks.
  • dojo/settings/settings.dist.py: Comprehensive updates to the Django settings, focusing on security, authentication, logging, and external integrations.
  • dojo/views.py: Improvements to file handling, authorization checks, and error handling.
  • dojo/tools/factory.py: Changes to the module loading process, using the pathlib library for improved maintainability.
  • tests/finding_test.py: Updates to file path handling using the Path class.
  • unittests/dojo_test_case.py: Improvements to the test utility functions, including the introduction of get_unit_tests_scans_path().
  • Various test files (e.g., test_ibm_appscan_test.py, test_importers_importer.py, test_jira_config_engagement_epic.py, etc.): Updates to use the get_unit_tests_scans_path() function for consistent file path handling in the test suite.

Code Analysis

We ran 9 analyzers against 30 files and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.
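The PTH118 rule this PR addresses is the mechanical replacement of `os.path.join()` with `pathlib.Path` joining. The example below is added here and is not code from the PR or from DefectDojo; it shows the two joining styles producing the same result, and adds the containment check a reviewer would want next to the "prevents directory traversal" claim, because joining with either `os.path.join` or `Path` does not by itself keep a path under its base directory (both discard earlier components when a later one is absolute, and neither normalises `..`). The base directory, parser names and file names are constructed sample values; `resolve_within()` and `is_contained()` are hypothetical helpers, not part of the project.

```python
import os
from pathlib import Path


def legacy_scan_path(base: str, parser: str, filename: str) -> str:
    """Pre-PTH118 style: build the scan file path with os.path.join()."""
    return os.path.join(base, "scans", parser, filename)


def pathlib_scan_path(base: Path, parser: str, filename: str) -> Path:
    """PTH118 replacement: build the same path with Path's / operator."""
    return base / "scans" / parser / filename


def resolve_within(base: Path, *parts: str) -> Path:
    """Join *parts under base and return the resolved path.

    Raises ValueError if the resolved path is not inside base, which
    catches both '..' segments and absolute components that would
    otherwise replace base entirely (in both os.path.join and Path).
    """
    root = base.resolve()
    # joinpath() behaves like os.path.join(): an absolute part wins.
    candidate = root.joinpath(*parts).resolve()
    try:
        candidate.relative_to(root)
    except ValueError:
        raise ValueError(f"path escapes base directory: {candidate}") from None
    return candidate


def is_contained(base: Path, *parts: str) -> bool:
    """Boolean form of resolve_within() for callers that only need a verdict."""
    try:
        resolve_within(base, *parts)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    # Constructed sample values; no files need to exist for resolve() to work.
    base = Path("/tmp/unittests")
    print(legacy_scan_path(str(base), "nmap", "scan.xml"))
    print(pathlib_scan_path(base, "nmap", "scan.xml"))
    for parts in (("scans", "nmap", "scan.xml"),
                  ("scans", "../../etc/passwd"),
                  ("scans", "/etc/passwd")):
        print(parts, "->", "ok" if is_contained(base, *parts) else "rejected")
```

The first two `print` lines are identical on POSIX, which is all the lint rule changes. The loop shows that an input containing `..` or an absolute segment passes through both join styles unchanged and is only stopped by the `resolve()` plus `relative_to()` check, so file-path hardening lives in that check, not in the choice of join API.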

@kiblik kiblik force-pushed the ruff_PTH118 branch 5 times, most recently from 6f049f3 to 4b209b4 Compare January 6, 2025 18:59
Contributor:

This pull request has conflicts, please resolve those before we can evaluate the pull request.

Contributor:

Conflicts have been resolved. A maintainer will review the pull request shortly.
