failmap/admin

Showing 267 of 577 total issues

Function add_subdomain has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

    def add_subdomain(self, subdomain, internal_notes: str = ""):
        # import here to prevent circular/cyclic imports, this module imports Url.
        from websecmap.scanners.scanner.http import resolves

        if not subdomain:
Severity: Minor
Found in websecmap/organizations/models.py - About 45 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function compose_scan_task has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

def compose_scan_task(urls):
    tasks = []
    for url in urls:
        complete_endpoints, incomplete_endpoints = get_endpoints_with_missing_encryption(url)

Severity: Minor
Found in websecmap/scanners/scanner/plain_http.py - About 45 mins to fix

Function certificate_chain_ends_on_non_trusted_dutch_root_ca has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

def certificate_chain_ends_on_non_trusted_dutch_root_ca(serialized_certificates: List[str]) -> bool:
    # todo: there are more untrusted certificates from the dutch state.
    # Example: https://secure-t.sittard-geleen.nl
    # https://www.pyopenssl.org/en/stable/api/crypto.html
    if not serialized_certificates:
Severity: Minor
Found in websecmap/scanners/scanner/autoexplain_dutch_untrusted_cert.py - About 45 mins to fix

Function status has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

def status():
    """Return a dictionary with the status of the Celery task processing system."""
    inspect = app.control.inspect()

    # query workforce statistics using control.inspect API and extract some relevant data from it
Severity: Minor
Found in websecmap/celery/__init__.py - About 45 mins to fix

Function get_queryset has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

    def get_queryset(self):

        qs = Organization.objects.all().filter(is_dead=False).order_by(Lower("name"))

        organization_type = self.forwarded.get("organization_type_name", None)
Severity: Minor
Found in websecmap/game/views.py - About 45 mins to fix

Function geolocate_organizations has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

def geolocate_organizations(organizations: List):

    # read out once, to prevent a database query every time the variable is needed.
    # note: geocoding costs money(!)
    gmaps = googlemaps.Client(key=config.GOOGLE_MAPS_API_KEY)
Severity: Minor
Found in websecmap/organizations/datasources/__init__.py - About 45 mins to fix

Avoid deeply nested control flow statements.
Open

                    if not already_in_overview(overview, scanner_id, activity, state):
                        overview.append({"scanner": scanner_id, "activity": activity, "state": state, "amount": 0})

    # Sort by scanner for easier human comprehension.
    overview = sorted(overview, key=lambda o: (o["scanner"], o["activity"], o["state"]))
Severity: Major
Found in websecmap/scanners/plannedscan.py - About 45 mins to fix

Function count_queries has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

def count_queries(message: str = ""):
    """
    Helps figuring out if django is silently adding more queries / slows things down. Happens when you're
    asking for a property that was not in the original query.

Severity: Minor
Found in websecmap/app/debug.py - About 45 mins to fix

Function analyze_website_headers has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

def analyze_website_headers(endpoint_id: int, url: int, protocol: str, headers: Dict[str, str]):
    """
    #125: CSP can replace X-XSS-Protection and X-Frame-Options. Thus if a (more modern) CSP header is present, assume
    that decisions have been made about what's in it and ignore the previously mentioned headers.

Severity: Minor
Found in websecmap/scanners/scanner/security_headers.py - About 45 mins to fix

Function make_new_feature has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

def make_new_feature(organization, scan):
    # log.debug('Making new feature %s, with scan %s' % (organization, scan))

    calculation = get_severity(scan)
    color = (
Severity: Minor
Found in websecmap/game/views.py - About 45 mins to fix

Function handle has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

    def handle(self, *args, **options):

        try:
            if options["id"]:
                for id in options["id"]:
Severity: Minor
Found in websecmap/scanners/management/commands/proxy_check.py - About 45 mins to fix

Function connect_result has 6 arguments (exceeds 4 allowed). Consider refactoring.
Open

def connect_result(result, protocol: str, url_id: int, port: int, ip_version: int, origin: str = ""):
Severity: Minor
Found in websecmap/scanners/scanner/http.py - About 45 mins to fix

Function reorder has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

    def reorder(self, request, queryset):

        first_order = None

        for configuration in queryset:
Severity: Minor
Found in websecmap/map/admin.py - About 45 mins to fix

Function add_configuration has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

def add_configuration(country: str, organization_type: int):

    if models.Configuration.objects.all().filter(country=country, organization_type=organization_type).exists():
        log.debug("This configuration already exists, skipping.")
        return
Severity: Minor
Found in websecmap/map/admin.py - About 45 mins to fix

Avoid deeply nested control flow statements.
Open

                    for r in url["ratings"]:
                        # stats over all different ratings
                        if r["type"] not in measurement["explained"]:
                            measurement["explained"][r["type"]] = {}
                            measurement["explained"][r["type"]]["total"] = 0
Severity: Major
Found in websecmap/map/report.py - About 45 mins to fix

Function compose_task has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

def compose_task(
    organizations_filter: dict = dict(),
    urls_filter: dict = dict(),
    endpoints_filter: dict = dict(),
) -> Task:
Severity: Minor
Found in websecmap/map/report.py - About 45 mins to fix

Avoid deeply nested control flow statements.
Open

                    if scan.type in ENDPOINT_SCAN_TYPES:
                        these_endpoint_scans[scan.type] = scan

            # enrich the ratings with previous ratings, without overwriting them.
            for endpoint_scan_type in ENDPOINT_SCAN_TYPES:
Severity: Major
Found in websecmap/reporting/report.py - About 45 mins to fix

Avoid deeply nested control flow statements.
Open

                    if endpoint_scan_type not in given_ratings[label]:
                        calculations.append(get_severity(these_endpoint_scans[endpoint_scan_type]))

                        given_ratings[label].append(endpoint_scan_type)
                    else:
Severity: Major
Found in websecmap/reporting/report.py - About 45 mins to fix

Function add_proxies has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

def add_proxies(proxies: str):

    # urls is basically garbage input on multiple lines with spaces and comma's and all kinds of unicode.
    # here we try to break up this garbage into small pieces text, some are a url, some are garbage...
    proxies = proxies.replace(",", " ")
Severity: Minor
Found in websecmap/map/logic/admin.py - About 45 mins to fix

Avoid deeply nested control flow statements.
Open

                    if urlrating["url"] in processed_urls:
                        # log.debug("Removed url because it's already in the report: %s" % urlrating["url"])
                        continue

Severity: Major
Found in websecmap/map/report.py - About 45 mins to fix