Sign upLogin

failmap/admin

View on GitHub
Star
websecmap/reporting/report.py

Summary

Maintainability
F
5 days
Test Coverage

File report.py has 804 lines of code (exceeds 250 allowed). Consider refactoring.
Open

import logging
from collections import defaultdict
from copy import copy, deepcopy
from datetime import datetime
from typing import List, Union
Severity: Major
Found in websecmap/reporting/report.py - About 1 day to fix

    Function create_url_reports has a Cognitive Complexity of 87 (exceeds 5 allowed). Consider refactoring.
    Open

    def create_url_reports(url: Url) -> List[UrlReport]:
    timeline = create_timeline(url)
    url_reports: List[Union[UrlReport, None]] = []

    """
    Severity: Minor
    Found in websecmap/reporting/report.py - About 1 day to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Cyclomatic complexity is too high in function create_url_reports. (34)
    Open

    def create_url_reports(url: Url) -> List[UrlReport]:
    timeline = create_timeline(url)
    url_reports: List[Union[UrlReport, None]] = []

    """
    Severity: Minor
    Found in websecmap/reporting/report.py by radon

    Cyclomatic Complexity

    Cyclomatic Complexity corresponds to the number of decisions a block of code contains plus 1. This number (also called McCabe number) is equal to the number of linearly independent paths through the code. This number can be used as a guide when testing conditional logic in blocks.

    Radon analyzes the AST tree of a Python program to compute Cyclomatic Complexity. Statements have the following effects on Cyclomatic Complexity:

    Construct Effect on CC Reasoning
    if +1 An if statement is a single decision.
    elif +1 The elif statement adds another decision.
    else +0 The else statement does not cause a new decision. The decision is at the if.
    for +1 There is a decision at the start of the loop.
    while +1 There is a decision at the while statement.
    except +1 Each except branch adds a new conditional path of execution.
    finally +0 The finally block is unconditionally executed.
    with +1 The with statement roughly corresponds to a try/except block (see PEP 343 for details).
    assert +1 The assert statement internally roughly equals a conditional statement.
    Comprehension +1 A list/set/dict comprehension of generator expression is equivalent to a for loop.
    Boolean Operator +1 Every boolean operator (and, or) adds a decision point.

    Source: http://radon.readthedocs.org/en/latest/intro.html

    Cyclomatic complexity is too high in function statistics_over_url_calculation. (14)
    Open

    def statistics_over_url_calculation(calculation):
    empty_with_some_extras = {
        "high": 0,
        "medium": 0,
        "low": 0,
    Severity: Minor
    Found in websecmap/reporting/report.py by radon

    Cyclomatic Complexity

    Cyclomatic Complexity corresponds to the number of decisions a block of code contains plus 1. This number (also called McCabe number) is equal to the number of linearly independent paths through the code. This number can be used as a guide when testing conditional logic in blocks.

    Radon analyzes the AST tree of a Python program to compute Cyclomatic Complexity. Statements have the following effects on Cyclomatic Complexity:

    Construct Effect on CC Reasoning
    if +1 An if statement is a single decision.
    elif +1 The elif statement adds another decision.
    else +0 The else statement does not cause a new decision. The decision is at the if.
    for +1 There is a decision at the start of the loop.
    while +1 There is a decision at the while statement.
    except +1 Each except branch adds a new conditional path of execution.
    finally +0 The finally block is unconditionally executed.
    with +1 The with statement roughly corresponds to a try/except block (see PEP 343 for details).
    assert +1 The assert statement internally roughly equals a conditional statement.
    Comprehension +1 A list/set/dict comprehension of generator expression is equivalent to a for loop.
    Boolean Operator +1 Every boolean operator (and, or) adds a decision point.

    Source: http://radon.readthedocs.org/en/latest/intro.html

    Cyclomatic complexity is too high in function create_timeline. (13)
    Open

    def create_timeline(url: Url):
    """
    Maps happenings to moments.

    This is used to save database queries: when you know at what moment things change and what happened before,
    Severity: Minor
    Found in websecmap/reporting/report.py by radon

    Cyclomatic Complexity

    Cyclomatic Complexity corresponds to the number of decisions a block of code contains plus 1. This number (also called McCabe number) is equal to the number of linearly independent paths through the code. This number can be used as a guide when testing conditional logic in blocks.

    Radon analyzes the AST tree of a Python program to compute Cyclomatic Complexity. Statements have the following effects on Cyclomatic Complexity:

    Construct Effect on CC Reasoning
    if +1 An if statement is a single decision.
    elif +1 The elif statement adds another decision.
    else +0 The else statement does not cause a new decision. The decision is at the if.
    for +1 There is a decision at the start of the loop.
    while +1 There is a decision at the while statement.
    except +1 Each except branch adds a new conditional path of execution.
    finally +0 The finally block is unconditionally executed.
    with +1 The with statement roughly corresponds to a try/except block (see PEP 343 for details).
    assert +1 The assert statement internally roughly equals a conditional statement.
    Comprehension +1 A list/set/dict comprehension of generator expression is equivalent to a for loop.
    Boolean Operator +1 Every boolean operator (and, or) adds a decision point.

    Source: http://radon.readthedocs.org/en/latest/intro.html

    Cyclomatic complexity is too high in function aggegrate_url_rating_scores. (12)
    Open

    def aggegrate_url_rating_scores(url_ratings: List, only_include_issues: List[str] = None):
    """

    :param url_ratings: All url ratings that should be combined into a single report.
    :param only_include_issues: List of issue names, that will be added in the report. This can save a lot of data.
    Severity: Minor
    Found in websecmap/reporting/report.py by radon

    Cyclomatic Complexity

    Cyclomatic Complexity corresponds to the number of decisions a block of code contains plus 1. This number (also called McCabe number) is equal to the number of linearly independent paths through the code. This number can be used as a guide when testing conditional logic in blocks.

    Radon analyzes the AST tree of a Python program to compute Cyclomatic Complexity. Statements have the following effects on Cyclomatic Complexity:

    Construct Effect on CC Reasoning
    if +1 An if statement is a single decision.
    elif +1 The elif statement adds another decision.
    else +0 The else statement does not cause a new decision. The decision is at the if.
    for +1 There is a decision at the start of the loop.
    while +1 There is a decision at the while statement.
    except +1 Each except branch adds a new conditional path of execution.
    finally +0 The finally block is unconditionally executed.
    with +1 The with statement roughly corresponds to a try/except block (see PEP 343 for details).
    assert +1 The assert statement internally roughly equals a conditional statement.
    Comprehension +1 A list/set/dict comprehension of generator expression is equivalent to a for loop.
    Boolean Operator +1 Every boolean operator (and, or) adds a decision point.

    Source: http://radon.readthedocs.org/en/latest/intro.html

    Function inspect_timeline has a Cognitive Complexity of 20 (exceeds 5 allowed). Consider refactoring.
    Open

    def inspect_timeline(timeline, url: Url):
    newline = "\r\n"
    message = ""
    message += "" + newline
    message += "This timeline shows all changes over time on the following url:" + newline
    Severity: Minor
    Found in websecmap/reporting/report.py - About 2 hrs to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Cyclomatic complexity is too high in function significant_moments. (10)
    Open

    def significant_moments(urls: List[Url] = None, reported_scan_types: List[str] = None):
    """
    Searches for all significant point in times that something changed. The goal is to save
    unneeded queries when rebuilding ratings. When you know when things changed, you know
    at what moments you need to create reports.
    Severity: Minor
    Found in websecmap/reporting/report.py by radon

    Cyclomatic Complexity

    Cyclomatic Complexity corresponds to the number of decisions a block of code contains plus 1. This number (also called McCabe number) is equal to the number of linearly independent paths through the code. This number can be used as a guide when testing conditional logic in blocks.

    Radon analyzes the AST tree of a Python program to compute Cyclomatic Complexity. Statements have the following effects on Cyclomatic Complexity:

    Construct Effect on CC Reasoning
    if +1 An if statement is a single decision.
    elif +1 The elif statement adds another decision.
    else +0 The else statement does not cause a new decision. The decision is at the if.
    for +1 There is a decision at the start of the loop.
    while +1 There is a decision at the while statement.
    except +1 Each except branch adds a new conditional path of execution.
    finally +0 The finally block is unconditionally executed.
    with +1 The with statement roughly corresponds to a try/except block (see PEP 343 for details).
    assert +1 The assert statement internally roughly equals a conditional statement.
    Comprehension +1 A list/set/dict comprehension of generator expression is equivalent to a for loop.
    Boolean Operator +1 Every boolean operator (and, or) adds a decision point.

    Source: http://radon.readthedocs.org/en/latest/intro.html

    Cyclomatic complexity is too high in function inspect_timeline. (10)
    Open

    def inspect_timeline(timeline, url: Url):
    newline = "\r\n"
    message = ""
    message += "" + newline
    message += "This timeline shows all changes over time on the following url:" + newline
    Severity: Minor
    Found in websecmap/reporting/report.py by radon

    Cyclomatic Complexity

    Cyclomatic Complexity corresponds to the number of decisions a block of code contains plus 1. This number (also called McCabe number) is equal to the number of linearly independent paths through the code. This number can be used as a guide when testing conditional logic in blocks.

    Radon analyzes the AST tree of a Python program to compute Cyclomatic Complexity. Statements have the following effects on Cyclomatic Complexity:

    Construct Effect on CC Reasoning
    if +1 An if statement is a single decision.
    elif +1 The elif statement adds another decision.
    else +0 The else statement does not cause a new decision. The decision is at the if.
    for +1 There is a decision at the start of the loop.
    while +1 There is a decision at the while statement.
    except +1 Each except branch adds a new conditional path of execution.
    finally +0 The finally block is unconditionally executed.
    with +1 The with statement roughly corresponds to a try/except block (see PEP 343 for details).
    assert +1 The assert statement internally roughly equals a conditional statement.
    Comprehension +1 A list/set/dict comprehension of generator expression is equivalent to a for loop.
    Boolean Operator +1 Every boolean operator (and, or) adds a decision point.

    Source: http://radon.readthedocs.org/en/latest/intro.html

    Cyclomatic complexity is too high in function recreate_url_report. (9)
    Open

    @app.task(queue="reporting")
def recreate_url_report(url_id):
    """
    This used to rebuild all reports every night. This works fine until there are a lot of urls and a lot of
    scan moments to address. It would rebuild 816088 rows on production each night while there are only
    Severity: Minor
    Found in websecmap/reporting/report.py by radon

    Cyclomatic Complexity

    Cyclomatic Complexity corresponds to the number of decisions a block of code contains plus 1. This number (also called McCabe number) is equal to the number of linearly independent paths through the code. This number can be used as a guide when testing conditional logic in blocks.

    Radon analyzes the AST tree of a Python program to compute Cyclomatic Complexity. Statements have the following effects on Cyclomatic Complexity:

    Construct Effect on CC Reasoning
    if +1 An if statement is a single decision.
    elif +1 The elif statement adds another decision.
    else +0 The else statement does not cause a new decision. The decision is at the if.
    for +1 There is a decision at the start of the loop.
    while +1 There is a decision at the while statement.
    except +1 Each except branch adds a new conditional path of execution.
    finally +0 The finally block is unconditionally executed.
    with +1 The with statement roughly corresponds to a try/except block (see PEP 343 for details).
    assert +1 The assert statement internally roughly equals a conditional statement.
    Comprehension +1 A list/set/dict comprehension of generator expression is equivalent to a for loop.
    Boolean Operator +1 Every boolean operator (and, or) adds a decision point.

    Source: http://radon.readthedocs.org/en/latest/intro.html

    Function save_url_report has 54 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

    def save_url_report(url: Url, date: datetime, calculation, is_the_newest=False):
    # This also injects the statistics into the json, for use in representations / views in the right places.
    calculation, amount_of_issues = statistics_over_url_calculation(calculation)

    u = UrlReport()
    Severity: Major
    Found in websecmap/reporting/report.py - About 2 hrs to fix

      Function statistics_over_url_calculation has a Cognitive Complexity of 16 (exceeds 5 allowed). Consider refactoring.
      Open

      def statistics_over_url_calculation(calculation):
    empty_with_some_extras = {
        "high": 0,
        "medium": 0,
        "low": 0,
      Severity: Minor
      Found in websecmap/reporting/report.py - About 2 hrs to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Cyclomatic complexity is too high in function remove_issues_from_calculation. (7)
      Open

      def remove_issues_from_calculation(calculation, issues):
    # todo: also recalculate here?
    new_url_ratings = []
    for url_rating in calculation["ratings"]:
        if url_rating["type"] in issues:
      Severity: Minor
      Found in websecmap/reporting/report.py by radon

      Cyclomatic Complexity

      Cyclomatic Complexity corresponds to the number of decisions a block of code contains plus 1. This number (also called McCabe number) is equal to the number of linearly independent paths through the code. This number can be used as a guide when testing conditional logic in blocks.

      Radon analyzes the AST tree of a Python program to compute Cyclomatic Complexity. Statements have the following effects on Cyclomatic Complexity:

      Construct Effect on CC Reasoning
      if +1 An if statement is a single decision.
      elif +1 The elif statement adds another decision.
      else +0 The else statement does not cause a new decision. The decision is at the if.
      for +1 There is a decision at the start of the loop.
      while +1 There is a decision at the while statement.
      except +1 Each except branch adds a new conditional path of execution.
      finally +0 The finally block is unconditionally executed.
      with +1 The with statement roughly corresponds to a try/except block (see PEP 343 for details).
      assert +1 The assert statement internally roughly equals a conditional statement.
      Comprehension +1 A list/set/dict comprehension of generator expression is equivalent to a for loop.
      Boolean Operator +1 Every boolean operator (and, or) adds a decision point.

      Source: http://radon.readthedocs.org/en/latest/intro.html

      Function aggegrate_url_rating_scores has a Cognitive Complexity of 15 (exceeds 5 allowed). Consider refactoring.
      Open

      def aggegrate_url_rating_scores(url_ratings: List, only_include_issues: List[str] = None):
    """

    :param url_ratings: All url ratings that should be combined into a single report.
    :param only_include_issues: List of issue names, that will be added in the report. This can save a lot of data.
      Severity: Minor
      Found in websecmap/reporting/report.py - About 1 hr to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Cyclomatic complexity is too high in function judge. (6)
      Open

      def judge(amount_of_issues, clean_issues_for_judgement, key, reports: List):
    # All reports for the endpoint can determine a judgement for the endpoint. For example, if all endpoint reports
    # say that the result is ok. The endpoint itself becomes 'ok'.

    judgement_issues = deepcopy(clean_issues_for_judgement)
      Severity: Minor
      Found in websecmap/reporting/report.py by radon

      Cyclomatic Complexity

      Cyclomatic Complexity corresponds to the number of decisions a block of code contains plus 1. This number (also called McCabe number) is equal to the number of linearly independent paths through the code. This number can be used as a guide when testing conditional logic in blocks.

      Radon analyzes the AST tree of a Python program to compute Cyclomatic Complexity. Statements have the following effects on Cyclomatic Complexity:

      Construct Effect on CC Reasoning
      if +1 An if statement is a single decision.
      elif +1 The elif statement adds another decision.
      else +0 The else statement does not cause a new decision. The decision is at the if.
      for +1 There is a decision at the start of the loop.
      while +1 There is a decision at the while statement.
      except +1 Each except branch adds a new conditional path of execution.
      finally +0 The finally block is unconditionally executed.
      with +1 The with statement roughly corresponds to a try/except block (see PEP 343 for details).
      assert +1 The assert statement internally roughly equals a conditional statement.
      Comprehension +1 A list/set/dict comprehension of generator expression is equivalent to a for loop.
      Boolean Operator +1 Every boolean operator (and, or) adds a decision point.

      Source: http://radon.readthedocs.org/en/latest/intro.html

      Function recreate_url_report has a Cognitive Complexity of 14 (exceeds 5 allowed). Consider refactoring.
      Open

      def recreate_url_report(url_id):
    """
    This used to rebuild all reports every night. This works fine until there are a lot of urls and a lot of
    scan moments to address. It would rebuild 816088 rows on production each night while there are only
    60.000 urls. Only adding the latest report, if anything changed at all, will reduce 90% of the workload.
      Severity: Minor
      Found in websecmap/reporting/report.py - About 1 hr to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Function create_timeline has a Cognitive Complexity of 13 (exceeds 5 allowed). Consider refactoring.
      Open

      def create_timeline(url: Url):
    """
    Maps happenings to moments.

    This is used to save database queries: when you know at what moment things change and what happened before,
      Severity: Minor
      Found in websecmap/reporting/report.py - About 1 hr to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Function add_statistics_to_calculation has 35 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

      def add_statistics_to_calculation(calculation, amount_of_issues):
    # inject all kinds of statistics inside the json for easier(?) representation.
    calculation["total_issues"] = amount_of_issues["overall"]["any"]
    calculation["high"] = amount_of_issues["overall"]["high"]
    calculation["medium"] = amount_of_issues["overall"]["medium"]
      Severity: Minor
      Found in websecmap/reporting/report.py - About 1 hr to fix

        Function remove_issues_from_calculation has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring.
        Open

        def remove_issues_from_calculation(calculation, issues):
    # todo: also recalculate here?
    new_url_ratings = []
    for url_rating in calculation["ratings"]:
        if url_rating["type"] in issues:
        Severity: Minor
        Found in websecmap/reporting/report.py - About 1 hr to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        Function latest_rating_per_day_only has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
        Open

        def latest_rating_per_day_only(scans):
    """
    Update 12 nov 2018: If there are multiple changes per day on the url on the same issue, this might not give the
    correct results yet. For example: DNSSEC was scanned as ERROR and INFO on Nov 5 2018. Both are retrieved. Due to
    some reason, the ERROR one gets in the report, while the last_scan_moment of the INFO one is more recent.
        Severity: Minor
        Found in websecmap/reporting/report.py - About 55 mins to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        Avoid deeply nested control flow statements.
        Open

                            if endpoint_scan_type not in given_ratings[label]:
                        calculations.append(get_severity(these_endpoint_scans[endpoint_scan_type]))

                        given_ratings[label].append(endpoint_scan_type)
                    else:
        Severity: Major
        Found in websecmap/reporting/report.py - About 45 mins to fix

          Avoid deeply nested control flow statements.
          Open

                              if scan.type in ENDPOINT_SCAN_TYPES:
                        these_endpoint_scans[scan.type] = scan

            # enrich the ratings with previous ratings, without overwriting them.
            for endpoint_scan_type in ENDPOINT_SCAN_TYPES:
          Severity: Major
          Found in websecmap/reporting/report.py - About 45 mins to fix

            Avoid too many return statements within this function.
            Open

                return amount_of_issues, judgement_issues
            Severity: Major
            Found in websecmap/reporting/report.py - About 30 mins to fix

              There are no issues that match your filters.

              Category
              Status